URL: https://positivo-agora.site/
Submission: On December 18 via api from CA — Scanned from US

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 386 HTTP transactions. The main IP is 144.217.128.200, located in Beauharnois, Canada and belongs to OVH OVH SAS, FR. The main domain is positivo-agora.site.
TLS certificate: Issued by R10 on December 18th 2024. Valid for: 3 months.
This is the only time positivo-agora.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 144.217.128.200 16276 (OVH OVH SAS)
20 2a09:8280:1::... 40509 (FLY)
10 2a04:4e42:600... 54113 (FASTLY)
20 2607:f8b0:400... 15169 (GOOGLE)
10 18.154.230.100 16509 (AMAZON-02)
30 31.13.66.19 32934 (FACEBOOK)
50 23.205.107.78 20940 (AKAMAI-AS...)
22 43.152.136.155 139341 (ACE-AS-AP...)
19 104.26.12.205 13335 (CLOUDFLAR...)
19 2607:f2d8:1:3... 18450 (WEBNX)
40 31.13.66.35 32934 (FACEBOOK)
20 173.194.66.106 15169 (GOOGLE)
10 209.85.232.156 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
21 52.67.183.120 16509 (AMAZON-02)
3 2600:1408:c40... 20940 (AKAMAI-AS...)
9 209.85.201.154 15169 (GOOGLE)
27 23.218.216.151 20940 (AKAMAI-AS...)
15 23.218.216.147 20940 (AKAMAI-AS...)
386 20
Apex Domain
Subdomains
Transfer
50 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
184 KB
41 utmify.com.br
cdn.utmify.com.br — Cisco Umbrella Rank: 442615
tracking.utmify.com.br — Cisco Umbrella Rank: 596098
19 KB
40 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
4 KB
38 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2001
api6.ipify.org — Cisco Umbrella Rank: 34055
9 KB
30 mythad.com
ads.mythad.com — Cisco Umbrella Rank: 28940 Failed
8 KB
30 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
78 KB
22 kwai.net
s1.kwai.net — Cisco Umbrella Rank: 27600
212 KB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
22 KB
20 google.com
www.google.com — Cisco Umbrella Rank: 3
640 B
20 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
99 KB
15 kwai-pro.com
logsdk.kwai-pro.com — Cisco Umbrella Rank: 28142
2 KB
11 positivo-agora.site
positivo-agora.site
45 KB
10 cloudfront.net
d9hhrg4mnvzow.cloudfront.net
6 KB
10 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
27 KB
386 14
Domain Requested by
50 analytics.tiktok.com positivo-agora.site
analytics.tiktok.com
40 www.facebook.com positivo-agora.site
30 ads.mythad.com s1.kwai.net
30 connect.facebook.net positivo-agora.site
connect.facebook.net
22 s1.kwai.net positivo-agora.site
s1.kwai.net
21 tracking.utmify.com.br cdn.utmify.com.br
20 www.google.com www.googletagmanager.com
positivo-agora.site
20 www.googletagmanager.com positivo-agora.site
www.googletagmanager.com
20 cdn.utmify.com.br positivo-agora.site
19 api6.ipify.org cdn.utmify.com.br
19 api.ipify.org cdn.utmify.com.br
15 logsdk.kwai-pro.com s1.kwai.net
11 positivo-agora.site cdn.utmify.com.br
10 td.doubleclick.net www.googletagmanager.com
10 googleads.g.doubleclick.net www.googletagmanager.com
10 d9hhrg4mnvzow.cloudfront.net positivo-agora.site
10 cdn.jsdelivr.net positivo-agora.site
386 17

This site contains no links.

Subject Issuer Validity Valid
positivo-agora.site
R10
2024-12-18 -
2025-03-18
3 months crt.sh
cdn.utmify.com.br
E6
2024-12-05 -
2025-03-05
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-27 -
2024-12-26
3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2024-07-15 -
2025-07-15
a year crt.sh
*.kwai.net
GlobalSign RSA OV SSL CA 2018
2024-10-24 -
2025-11-25
a year crt.sh
ipify.org
WE1
2024-11-13 -
2025-02-11
3 months crt.sh
*.ipify.org
RapidSSL TLS RSA CA G1
2024-02-08 -
2025-03-10
a year crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.g.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
tracking.utmify.com.br
Amazon RSA 2048 M02
2024-08-31 -
2025-09-29
a year crt.sh
*.mythad.com
GlobalSign GCC R3 DV TLS CA 2020
2024-11-06 -
2025-12-08
a year crt.sh
*.kwai-pro.com
GlobalSign GCC R3 DV TLS CA 2020
2024-07-30 -
2025-08-31
a year crt.sh

This page contains 27 frames:

Primary Page: https://positivo-agora.site/
Frame ID: EAD2987026190673D2E86781EE8D2FBD
Requests: 37 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555391222&cv=11&fst=1734555391222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 2DDEF4B18CD6936A8F5FA30FFAED2350
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: 7C6FDAD0E6BEE4DA6C56FEF89D8C38FE
Requests: 1 HTTP requests in this frame

Frame: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Frame ID: 971A7B3A761D7F1F7672E1F5F56721D6
Requests: 143 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555391728&cv=11&fst=1734555391728&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: F0AF3338CDC3BEF056A7227AF040C715
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: BF091DD72A08143B2BF0C796957D500A
Requests: 1 HTTP requests in this frame

Frame: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Frame ID: 864273318B3365D98B123E1F55F366EF
Requests: 36 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555392257&cv=11&fst=1734555392257&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A5641E1784FDE703B1612C3708E7D28D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: 03E23B8C287D44DEF7F164F841427E38
Requests: 1 HTTP requests in this frame

Frame: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Frame ID: B5F727ED352D4CB8552BD2E2C755CB58
Requests: 36 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555392544&cv=11&fst=1734555392544&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 83A605DED2C3EBF88511D2EC2ECA0B33
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: F0231DC92CBC8BA02EBD4F99141C412B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555393780&cv=11&fst=1734555393780&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 03C6E107A35538A3A9721B41BD69551E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: CD2417545C1C3C3B333639EC711ECC2D
Requests: 1 HTTP requests in this frame

Frame: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Frame ID: 43CD3C938AADB5E9901FB343ED043982
Requests: 30 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555394070&cv=11&fst=1734555394070&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: ACE8E04866D65626818216F684C56848
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: C089B06C085A757EDCE1D31A170F9D2C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555394746&cv=11&fst=1734555394746&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: AD41F780BC6EE7F5F4504ACC9727C03C
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: 9C75A09D7FA51527D8DA5A64A81A177C
Requests: 1 HTTP requests in this frame

Frame: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Frame ID: AAAD057DF284A30704317B3089AE48B2
Requests: 37 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555395061&cv=11&fst=1734555395061&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A9B0C0650347468D7FEBBB7D7B0E0A12
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: 4B5999A3FF259452303EF181FDD1BA39
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555396727&cv=11&fst=1734555396727&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 89F05FCA7A78AA836237C9C6504B02EB
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: 5163101E0D11D9B2B79572A33B17FCF8
Requests: 1 HTTP requests in this frame

Frame: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Frame ID: 416EDC6BB68E35AE3F56F6A01DFD4701
Requests: 29 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16692136603?random=1734555397292&cv=11&fst=1734555397292&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 14E0884FF63CBE8BDAF52AC05EFB7A47
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Frame ID: C447E46982E68D4EBB4F995995C65C61
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

386
Requests

92 %
HTTPS

32 %
IPv6

14
Domains

17
Subdomains

20
IPs

5
Countries

716 kB
Transfer

17110 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

386 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
positivo-agora.site/
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:30 GMT
server
Apache
vary
Accept-Encoding
latest.js
cdn.utmify.com.br/scripts/utms/
13 KB
5 KB
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

fly-request-id
01JFDRXMV6RZ6XTQN95BKESSEA-mia
cache-control
public, max-age=0
content-encoding
zstd
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/
227 KB
27 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/
284 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/
5 KB
6 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/
31 KB
9 KB
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

fly-request-id
01JFDRXMWNTW268RKJZHT7B630-mia
cache-control
public, max-age=0
content-encoding
zstd
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f66911d0a0e77e5a85dd27628439ae7163c6088fa4d013d43ab55226f3e11c56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
expires
Wed, 18 Dec 2024 20:56:31 GMT
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=8
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
3fccee1a
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff6ffe8a48d396423aed959c5dd74a65999703d5df2dc175cee184e3fabb390ff7763d699a67885b5ae0da711dc82b8f75b6b9ae78ad535003a76e04a7a5c667522
x-origin-response-time
8,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24121820563115BD87715487E9969700-0ACFA6BD20164073-00
content-length
2372
x-tt-logid
2024121820563115BD87715487E9969700
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/
10 KB
5 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
Content-Encoding
gzip
x-ks-client-ip
38.132.118.67
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
554212718244298978
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
Connection
keep-alive
Accept-Ranges
bytes
X-Ks-Request-ID
554212718244298978
Access-Control-Allow-Origin
*
Content-Length
3744
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Server
Lego Server
442067122332003
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
api.ipify.org/
22 B
316 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f5ab8c2743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29279&min_rtt=29223&rtt_var=4727&sent=6&recv=11&lost=0&retrans=0&sent_bytes=4033&recv_bytes=2206&delivery_rate=135030&cwnd=241&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=96&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:31 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/
22 B
227 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f5b49a4743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29512&min_rtt=29223&rtt_var=3101&sent=10&recv=13&lost=0&retrans=0&sent_bytes=4415&recv_bytes=2267&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=170&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:31 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/
351 KB
97 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
513423641743011
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F&rl=&if=false&ts=1734555391190&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555391041&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4538, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F&rl=&if=false&ts=1734555391190&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555391041&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858678947498878"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858678947498878", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
kZNaoF7/1VQtFyIEzaczVcgFeUKnIXt19bsEJtPNdZ6WhdIxoCgW2C7NMhNJObBi99/dssEcefWtzpEPlF6z0g==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=5162, tp=17, tpl=0, uplat=112, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=899403620.1734555391&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555391232&tfd=1006&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555391222&cv=11&fst=1734555391222&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
35cf392e493ecdf15c2a6df4000033552ab48ac4305d5bc77e36cea39024b3b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2223
date
Wed, 18 Dec 2024 20:56:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame 2DDE
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555391222&cv=11&fst=1734555391222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 7C6F
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/
0
881 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:31 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=23, origin; dur=18, inner; dur=15
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:31 GMT
x-akamai-request-id
515d795e.3fccf25d
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e6309fcd1c52700771c6780e328696b8c43382714756fbebbb4147df0aafd08c045060447d96e9877676ff03b3f043f77e07f773374609395338efd892f2cadb5b6c5ad768260411a1e8801eed641dc630
x-origin-response-time
18,23.220.105.68
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241218205631CB2DBB09BDA2039DFD19-375BF4620608CD54-00
content-length
0
x-parent-response-time
28,23.218.223.71
x-tt-logid
20241218205631CB2DBB09BDA2039DFD19
server
nginx
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F&rl=&if=false&ts=1734555391358&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555391041&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=5002, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F&rl=&if=false&ts=1734555391358&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555391041&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858677797478019"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Gqd+jOF5R2Znr46r42iiFmf4/7CAWeYWUf+Jri94HCKvx5OxoPAPs7ZZRVCCi+ke/MJc4Jp3XoORtq6gq76T5Q==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858677797478019", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=8650, tp=21, tpl=0, uplat=36, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
events
tracking.utmify.com.br/tracking/v1/ Frame
0
0
Preflight
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:31 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
events
tracking.utmify.com.br/tracking/v1/
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:32 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
/
www.google.com/pagead/1p-user-list/16692136603/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555391222&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7diazCYrKz0mDERAsbLjvHqR9CHrWRqg&random=3313732588&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
events
tracking.utmify.com.br/tracking/v1/
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:32 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
events
tracking.utmify.com.br/tracking/v1/ Frame
0
0
Preflight
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:32 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
act
analytics.tiktok.com/api/v2/pixel/
0
720 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:31 GMT
server-timing
inner; dur=19, cdn-cache; desc=MISS, edge; dur=10, origin; dur=29
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:31 GMT
x-akamai-request-id
3fccf5df
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff611c332e234d82bb3bdaeeaf5a9c190b7cb1b2f8b4e2fe385f2b55bfd02631bf048b0693cd4956b560f942b621d688659801149640b0c10a1286693bb8d647416
x-origin-response-time
30,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121820563110C9AE43A9193637B8F3-3396DCDD5F362B24-00
content-length
0
x-tt-logid
2024121820563110C9AE43A9193637B8F3
server
nginx
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
0
0

getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da50 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:32 GMT
/
positivo-agora.site/ Frame 971A
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:31 GMT
server
Apache
vary
Accept-Encoding
latest.js
cdn.utmify.com.br/scripts/utms/ Frame 971A
13 KB
64 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
content-encoding
zstd
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:31 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXNQ19BM23N324B2MSSFS-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame 971A
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame 971A
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame 971A
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame 971A
31 KB
89 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
content-encoding
zstd
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:31 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXNQF5WHE7HNCANVPVTWE-mia
fbevents.js
connect.facebook.net/en_US/ Frame 971A
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame 971A
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3396580d4d35bba379dfc2f41d0c23cf82f29e6310456213bb9ca56b7bc613c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-249-163.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Wed, 18 Dec 2024 20:56:31 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=20, origin; dur=8, inner; dur=4
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
ba30266.3fccf7fe
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e63d7c51edc9433a9208d628c463eb91fb760782c89a74f4716aa972e14856bea9638baada1820865d5406e7a2e6d4dba55921c5a09fef57c6d3ec6abc6621b135c56d3f4260ebd5a3fef624b7e85b3f90
x-origin-response-time
8,23.48.249.163
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2412182056310519EA20E7094E440246-28EEC22022CEAAD4-00
content-length
2405
x-parent-response-time
25,23.218.223.71
x-tt-logid
202412182056310519EA20E7094E440246
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 971A
10 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

If-None-Match
"C5DC8475F5AE240BD1474B4467D9E7D8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Mon, 27 May 2024 02:52:15 GMT

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
7160308542765914615
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
Connection
close
X-Ks-Request-ID
7160308542765914615
Access-Control-Allow-Origin
*
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Server
Lego Server
collect
www.google.com/ccm/ Frame 971A
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=1948088541.1734555392&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555391731&tfd=132&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame 971A
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555391728&cv=11&fst=1734555391728&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
a517c712afb502641f882251b4e225cfb6898a5995eefc5d3f6a515b4a950335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2243
date
Wed, 18 Dec 2024 20:56:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame F0AF
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555391728&cv=11&fst=1734555391728&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
442067122332003
connect.facebook.net/signals/config/ Frame 971A
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame BF09
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
513423641743011
connect.facebook.net/signals/config/ Frame 971A
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 971A
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555391763&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555391745&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=28, mss=1232, tbw=10636, tp=27, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 971A
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555391763&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555391745&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858678800417854"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
C6XhD6qHIRrTopTThZLKNrKKU6mnSXdqKA2quLAG0D9/vQhpUlLs/1sqgWW5L4VuGMPjR4XgsR2Sb+dBukS42Q==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858678800417854", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=28, mss=1232, tbw=11052, tp=33, tpl=0, uplat=35, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 971A
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555391772&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555391745&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=28, mss=1232, tbw=10892, tp=31, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 971A
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555391772&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555391745&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858678188104961"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Vp0VnFVh86JrMoHZcENamLZyMkG/FoJ5Qc/PoX1zQv9/LPjX4tnczuRkdVlWpfF85HS8bK56AqfkUzylWAL0FA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858678188104961", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=28, mss=1232, tbw=11932, tp=34, tpl=0, uplat=35, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da50 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 18 Dec 2024 20:56:32 GMT
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 971A
201 B
427 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da50 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a331033d2adeb8608b7d944668be44a44dc2e5d7d3779576ad33819158e1ddb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
191
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
/
www.google.com/pagead/1p-user-list/16692136603/ Frame 971A
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555391728&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dnyZIrhfOXn2Gj5Cbry5FjW40Jv0pmHbklndH9mSdWin2hzk8&random=1121458455&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame 971A
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame 971A
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame 971A
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:32 GMT
server-timing
inner; dur=21, cdn-cache; desc=MISS, edge; dur=27, origin; dur=66
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:32 GMT
x-akamai-request-id
3fccfa67
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff6ffe8a48d396423aed959c5dd74a6599971b5f7a640bdd34632cf480ded41c0e3a8d9a3de33f614cae0afe804ac2d4f526eff1a8866eedec0fd6fe0e1244a15cc
x-origin-response-time
67,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121820563115BD87715487E9969716-5C97A0084471FF6D-00
content-length
0
x-tt-logid
2024121820563115BD87715487E9969716
server
nginx
act
analytics.tiktok.com/api/v2/pixel/ Frame 971A
0
880 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:32 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=22, origin; dur=15, inner; dur=12
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:32 GMT
x-akamai-request-id
56c6b1db.3fccffe9
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e654797425380266619b75d9dd2634f4b7387f54a2368dc454c0e64ad0e151986f81b985d0ad305973cd9bd9159dd77b40ab7ffd933cbf9fa3354d701f5cf159dc8fa5b2ef2de83a237b3d13b0819e99c3
x-origin-response-time
15,23.220.106.7
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241218205632ECBB788009B55A5E0515-6BECFB315C054089-00
content-length
0
x-parent-response-time
28,23.218.223.71
x-tt-logid
20241218205632ECBB788009B55A5E0515
server
nginx
/
api.ipify.org/ Frame 971A
22 B
251 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f60c9c3743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29479&min_rtt=29198&rtt_var=2390&sent=13&recv=15&lost=0&retrans=0&sent_bytes=4708&recv_bytes=2328&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=1114&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 971A
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:32 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame 971A
22 B
228 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f61aae5743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29507&min_rtt=29198&rtt_var=1848&sent=16&recv=17&lost=0&retrans=0&sent_bytes=5025&recv_bytes=2389&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=1189&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 971A
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:32 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
positivo-agora.site/ Frame 8642
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:32 GMT
server
Apache
vary
Accept-Encoding
latest.js
cdn.utmify.com.br/scripts/utms/ Frame 8642
13 KB
89 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

If-None-Match
W/"3532-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:32 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXP6PDC0TSH4YX4JHW304-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame 8642
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame 8642
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame 8642
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame 8642
31 KB
65 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

If-None-Match
W/"7cd5-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:32 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXP6RJ86HKJV0W2QBGASZ-mia
fbevents.js
connect.facebook.net/en_US/ Frame 8642
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame 8642
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d53d8bd33bcaa6daf51a306d4efe28e74b0cf33cacc778049bacb97a320cd76b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-106-22.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Wed, 18 Dec 2024 20:56:32 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=63, origin; dur=8, inner; dur=2
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
8c78f13.3fccffea
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e6d9984d8aced47b18bab058ef0f6b8a271ab2e68a3bc357785d1009c33076b41fcabd1ff82734dfcd88d30b65355efda9f330fea60025951429cd887a22c0a94a740c15b5792e428ad0c5cf2e04e9e86e
x-origin-response-time
8,23.220.106.22
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2412182056322D58E3EC9C454D93663D-2C91BD5E1352508B-00
content-length
2405
x-parent-response-time
24,23.218.223.71
x-tt-logid
202412182056322D58E3EC9C454D93663D
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 8642
10 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

If-None-Match
"C5DC8475F5AE240BD1474B4467D9E7D8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Mon, 27 May 2024 02:52:15 GMT

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
8418656871359331478
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
Connection
close
X-Ks-Request-ID
8418656871359331478
Access-Control-Allow-Origin
*
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Server
Lego Server
442067122332003
connect.facebook.net/signals/config/ Frame 8642
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
513423641743011
connect.facebook.net/signals/config/ Frame 8642
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 8642
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&if=true&ts=1734555392250&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555392209&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=30, mss=1232, tbw=13004, tp=39, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 8642
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&if=true&ts=1734555392250&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555392209&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858682862858472"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
/mR+E1wHdiS4X9vRtZbpUVsLyz3iERvxenXiVGAIEo1zmllnFrtCBZ/wAf0cDPU8GhiPqpWbPjYeKe00nAxs3Q==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858682862858472", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=30, mss=1232, tbw=14332, tp=46, tpl=0, uplat=69, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ Frame 8642
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=894355108.1734555392&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555392260&tfd=155&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame 8642
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555392257&cv=11&fst=1734555392257&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
85da2ca046ea4b5e4542c6ae49a6e7b80287436921d977f6c676de80d47c4b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2305
date
Wed, 18 Dec 2024 20:56:32 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame A564
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555392257&cv=11&fst=1734555392257&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 8642
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&if=true&ts=1734555392270&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555392209&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=30, mss=1232, tbw=13292, tp=43, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 8642
67 B
191 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&if=true&ts=1734555392270&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555392209&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858682999955458"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
PNIUToljgbRIS92CF5W47Fm28xbMKldIBuU1PNE/YbITQDE5L1fSP7S2Dc/1DRRAe62pC2AfSrALfLFefQd6Nw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858682999955458", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=30, mss=1232, tbw=13452, tp=45, tpl=0, uplat=39, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 03E2
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
events
tracking.utmify.com.br/tracking/v1/ Frame 971A
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:32 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
events
tracking.utmify.com.br/tracking/v1/ Frame 971A
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:32 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
/
www.google.com/pagead/1p-user-list/16692136603/ Frame 8642
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555392257&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3D%26sck%3D&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dNN31gcwgnYYL4f0vvlHq7i8dTDusKehAqze24qkOYU1x7VnK&random=43697029&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
api.ipify.org/ Frame 8642
22 B
228 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f625bee743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29579&min_rtt=29198&rtt_var=1530&sent=19&recv=19&lost=0&retrans=0&sent_bytes=5319&recv_bytes=2450&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=1304&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 8642
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:32 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame 8642
22 B
228 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f62dc96743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29524&min_rtt=29009&rtt_var=1258&sent=22&recv=21&lost=0&retrans=0&sent_bytes=5613&recv_bytes=2511&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=1379&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 8642
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:32 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame 8642
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame 8642
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame 8642
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:32 GMT
server-timing
inner; dur=45, cdn-cache; desc=MISS, edge; dur=14, origin; dur=68
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:32 GMT
x-akamai-request-id
3fcd0295
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff6454c77c4ca576e29e92f5323f2b12441270329eb6cecfe5027986cbbb65b7f999b4e417851fcdd4afab5822ee0884087e8a3e76ff667988fe5b97aa81fb346fb
x-origin-response-time
68,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121820563287699CA1040A6E8D1E79-56A5471804330458-00
content-length
0
x-tt-logid
2024121820563287699CA1040A6E8D1E79
server
nginx
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 8642
202 B
207 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da279392b20bac7bbc9ed7d17ff544fd811d1723852059c04bed0e30fe5c90ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
188
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
/
positivo-agora.site/ Frame B5F7
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:32 GMT
server
Apache
vary
Accept-Encoding
events
tracking.utmify.com.br/tracking/v1/ Frame 8642
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:32 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
latest.js
cdn.utmify.com.br/scripts/utms/ Frame B5F7
13 KB
65 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

If-None-Match
W/"3532-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:32 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXPG6N9304V5QMZF7KNW9-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame B5F7
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame B5F7
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame B5F7
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame B5F7
31 KB
65 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

If-None-Match
W/"7cd5-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:32 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXPG6XF6GGCQFF012Q3DD-mia
fbevents.js
connect.facebook.net/en_US/ Frame B5F7
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame B5F7
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
41b0d7f284a80e6156d5fa90deb8cbcb7e256c65f7d862111b59eb120aa7461a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
expires
Wed, 18 Dec 2024 20:56:32 GMT
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=6, origin; dur=24
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
3fcd04a8
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff6ffe8a48d396423aed959c5dd74a65999703d5df2dc175cee184e3fabb390ff77c69aaed97809aa36df04582bbb65d3991612bfd45306944143ea73e45aabf433
x-origin-response-time
24,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24121820563215BD87715487E996972D-0ACFA6BD20164201-00
content-length
2407
x-tt-logid
2024121820563215BD87715487E996972D
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame B5F7
10 KB
780 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

If-None-Match
"C5DC8475F5AE240BD1474B4467D9E7D8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Mon, 27 May 2024 02:52:15 GMT

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
10088640598682856946
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
Connection
close
X-Ks-Request-ID
10088640598682856946
Access-Control-Allow-Origin
*
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Server
Lego Server
442067122332003
connect.facebook.net/signals/config/ Frame B5F7
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
513423641743011
connect.facebook.net/signals/config/ Frame B5F7
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame B5F7
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555392535&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555392503&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=32, mss=1232, tbw=15404, tp=51, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame B5F7
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555392535&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555392503&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858683294807356"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
1onTZy6aRgMa8vE/k8I+pBcZ0WKJfzdhF0IWrTkz+1zcHeK1Vg7zUbNM6/fChMnA3BGpatkFFr0Q1XxKYTdWkA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858683294807356", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=32, mss=1232, tbw=15820, tp=57, tpl=0, uplat=37, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ Frame B5F7
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=2029669032.1734555393&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555392547&tfd=148&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame B5F7
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555392544&cv=11&fst=1734555392544&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
0b6e5b46d0f0717d668312586fd72c81b1a6e06e1ac30d07f0d78cdba93e1a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2319
date
Wed, 18 Dec 2024 20:56:32 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame 83A6
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555392544&cv=11&fst=1734555392544&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame B5F7
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555392556&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555392503&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=32, mss=1232, tbw=15660, tp=55, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame B5F7
67 B
194 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555392556&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555392503&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858683603068906"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
XFDpPckTR6ZX8MOLdvkKhBb+xbpjIbZoWQzeZhssL8ItLqPAmUbUv7TTr9Fo2YDV2yf/ETqzt68xM5o6j93BvA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858683603068906", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=32, mss=1232, tbw=16748, tp=59, tpl=0, uplat=39, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame F023
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
events
tracking.utmify.com.br/tracking/v1/ Frame 8642
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:32 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/
290 KB
77 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
Content-Encoding
gzip
x-ks-client-ip
38.132.118.67
Etag
"8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Fri, 11 Oct 2024 08:43:00 GMT
Date
Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time
8
Last-Modified
Wed, 11 Sep 2024 08:21:14 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
15396830728928523770
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
1814864409054748518
Connection
keep-alive
Accept-Ranges
bytes
X-Ks-Request-ID
15396830728928523770
Access-Control-Allow-Origin
*
Content-Length
78021
x-oss-request-id
66E15814007CA03532469C65
X-Cache-Lookup
Cache Hit
Server
Lego Server
act
analytics.tiktok.com/api/v2/pixel/ Frame 8642
0
877 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-220-106-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:32 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=37, origin; dur=24, inner; dur=21
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:32 GMT
x-akamai-request-id
68cdfab1.3fcd05e4
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e613142ef0690ea9fba05c24987c981bf97e39854f07cf9ed286bed789b44b56c8a1c2a3a022939402b18fe0b01aa8cc61b701d318e526a08302a4a5abea6eae1831eede127bee34cc87d1a984254d81ff
x-origin-response-time
25,23.220.106.13
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241218205632D5434C88E06FC54E75B9-2793C8F208814A1E-00
content-length
0
x-parent-response-time
40,23.218.223.71
x-tt-logid
20241218205632D5434C88E06FC54E75B9
server
nginx
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame B5F7
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame B5F7
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame B5F7
0
879 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-220-106-155.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:32 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=21, origin; dur=17, inner; dur=14
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:32 GMT
x-akamai-request-id
90246964.3fcd06b0
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e611cd3b90ebc884f268050b015812134010c78e095563fdd3292bfb52759065e897d6b52b9f421981c9a5ea9a3b2b919bba86831e40ec79dcc1f36bdb33997edfa1515e0a130698c7188f007a507685ef
x-origin-response-time
17,23.220.106.155
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412182056326A10DDA6CE044A2953A0-0D0C2E56299365FA-00
content-length
0
x-parent-response-time
25,23.218.223.71
x-tt-logid
202412182056326A10DDA6CE044A2953A0
server
nginx
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 971A
290 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Content-Encoding
gzip
Etag
"8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Fri, 11 Oct 2024 08:43:00 GMT
Date
Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time
8
Last-Modified
Wed, 11 Sep 2024 08:21:14 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
X-NWS-LOG-UUID
11876421445524230616
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
1814864409054748518
X-Ks-Request-ID
11876421445524230616
Access-Control-Allow-Origin
*
Content-Length
78021
x-oss-request-id
66E15814007CA03532469C65
X-Cache-Lookup
Cache Hit
Accept-Ranges
bytes
Server
Lego Server
/
www.google.com/pagead/1p-user-list/16692136603/ Frame B5F7
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555392544&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7db_5IUQVi_Ecp28laAop6oKWLsI_90L5ytAFMoqiqKbuKI9-B&random=2980163464&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame B5F7
202 B
211 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
303b73c034d412706e754098ced35e444618190d6c839f7934b0e5859212c290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
192
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
/
api.ipify.org/ Frame B5F7
22 B
227 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f648eaf743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29507&min_rtt=29009&rtt_var=978&sent=25&recv=23&lost=0&retrans=0&sent_bytes=5907&recv_bytes=2572&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=1649&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame B5F7
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:32 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame B5F7
22 B
227 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f650f57743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29588&min_rtt=29009&rtt_var=897&sent=28&recv=25&lost=0&retrans=0&sent_bytes=6200&recv_bytes=2633&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=1728&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:32 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame B5F7
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:32 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 8642
290 KB
776 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Content-Encoding
gzip
Etag
"8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Fri, 11 Oct 2024 08:43:00 GMT
Date
Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time
8
Last-Modified
Wed, 11 Sep 2024 08:21:14 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
X-NWS-LOG-UUID
9967402475637703314
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
1814864409054748518
X-Ks-Request-ID
9967402475637703314
Access-Control-Allow-Origin
*
Content-Length
78021
x-oss-request-id
66E15814007CA03532469C65
X-Cache-Lookup
Cache Hit
Accept-Ranges
bytes
Server
Lego Server
events
tracking.utmify.com.br/tracking/v1/ Frame B5F7
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:32 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
70 B
193 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ac68f441b2144063642f31acdacf9ea8bcd3eb891b497ea74ea40d310ad21ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
70
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
72 B
195 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c90494081280e68f4df7d0f8a3c9cd40028d069a54720a60e2b0c06e10d8ae8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
72
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/
829 B
456 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510449167530721283&pageId=pageId-1734555392870-3943207565008
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29c842c0a44e841d0947c40a5b982e1a51903d92762f537d009788ec73afd514

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
436
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
act
analytics.tiktok.com/api/v2/pixel/ Frame B5F7
0
880 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-220-106-155.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:33 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=189, origin; dur=16, inner; dur=12
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:33 GMT
x-akamai-request-id
90246bb2.3fcd0af5
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e611cd3b90ebc884f268050b015812134095aef8515a1a03aeeb4cd8ca8c7ccee6096760ed9430fc2a1752dd9dca76746ce59ae1fc0438de6e34feed0cb567376c4866895f573f9a2acf14030380cb5c1c
x-origin-response-time
16,23.220.106.155
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412182056326B5FDC4B3F147AB4B7EB-0F3012640F08DD12-00
content-length
0
x-parent-response-time
162,23.218.223.71
x-tt-logid
202412182056326B5FDC4B3F147AB4B7EB
server
nginx
events
tracking.utmify.com.br/tracking/v1/ Frame B5F7
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:32 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
70 B
282 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc3e3cf56ae1ecedbd03bc12fea78a22bccc9bbc9c3f5c3e8dc9a8a2272660be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
70
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
69 B
192 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b904781012156405dbaa1e7fb8f1d51aac6a0c9303150883cb83c73fdf07a06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
69
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ Frame 971A
825 B
450 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510449167530721283&pageId=pageId-1734555392917-4591402038155
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02f365d1823c5efe39d8b2bcf448b9f2ba2bc17b301ba8af6c11f942e0feb6cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
430
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 8642
73 B
196 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
efd2b1e3981b76f15bbb0c028d6c0660fd874caa6cc0abc802c1241ad09334c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
73
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 8642
73 B
196 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eeb80d375efe16009a6fed72f2fe9c472c51e568c3ec2b08f820e7073d88cb78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
73
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ Frame 8642
829 B
456 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510449167530721283&pageId=pageId-1734555392976-9008695600660
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a5af0c02bf6e492c5b38c06c72b42a4040be78c7b40eecfe7db95da032d864e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
436
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame B5F7
290 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

If-None-Match
"8BACD25B485D37EB16DC48306BA2221A"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Wed, 11 Sep 2024 08:21:14 GMT

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Fri, 11 Oct 2024 08:43:00 GMT
Date
Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time
8
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
17481001544904858052
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
1814864409054748518
Connection
close
X-Ks-Request-ID
17481001544904858052
Access-Control-Allow-Origin
*
x-oss-request-id
66E15814007CA03532469C65
X-Cache-Lookup
Cache Hit
Server
Lego Server
favicon.ico
positivo-agora.site/
266 B
339 B
Other
General
Full URL
https://positivo-agora.site/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
e103c79b9cf9f2ab14a5107ca866ca74218e2a955d0940619dd2aee8a1823b72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-length
266
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame B5F7
71 B
194 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e8ec2077cb71741fb78472792e3a7595b2244ace5072a0ad723e267802e9760

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
71
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame B5F7
72 B
195 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
89c53b4e6f1e27143ff379e081285eb84e11cc0f378f8dd9525495153cc4e92d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
72
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ Frame B5F7
825 B
450 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510449167530721283&pageId=pageId-1734555393175-7710063365848
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
775eadefec7389a92a319ad32360a0f87b84fb74eb2aacd15f9d41d7802bebb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
430
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
api
ads.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:33 GMT
quic-version
0x00000001
checkPixel.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/
126 KB
40 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
AW9CEWCiJefwVj7zcti69w==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
Content-Encoding
gzip
x-ks-client-ip
38.132.118.67
Etag
"016F421160A225E7F0563EF372D8BAF7"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 13 Jul 2024 06:07:52 GMT
Date
Thu, 13 Jun 2024 06:07:52 GMT
x-oss-server-time
61
Last-Modified
Mon, 27 May 2024 07:18:27 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
10301665939037772484
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
11760214008123873659
Connection
keep-alive
Accept-Ranges
bytes
X-Ks-Request-ID
10301665939037772484
Access-Control-Allow-Origin
*
Content-Length
39702
x-oss-request-id
666A8CB817D7F33039910062
X-Cache-Lookup
Cache Hit
Server
Lego Server
api
ads.mythad.com/log/common/co/
2 KB
996 B
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8ef36f59d0b5aeed151846908ab6971d7acd2a7ec3f93bba8fb4bc924da4957

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
977
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
checkPixel.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 971A
126 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
AW9CEWCiJefwVj7zcti69w==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Content-Encoding
gzip
Etag
"016F421160A225E7F0563EF372D8BAF7"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 13 Jul 2024 06:07:52 GMT
Date
Thu, 13 Jun 2024 06:07:52 GMT
x-oss-server-time
61
Last-Modified
Mon, 27 May 2024 07:18:27 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
X-NWS-LOG-UUID
7637789445025822360
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
11760214008123873659
X-Ks-Request-ID
7637789445025822360
Access-Control-Allow-Origin
*
Content-Length
39702
x-oss-request-id
666A8CB817D7F33039910062
X-Cache-Lookup
Cache Hit
Accept-Ranges
bytes
Server
Lego Server
api
ads.mythad.com/log/common/co/ Frame 971A
0
0

api
ads.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:33 GMT
quic-version
0x00000001
api
ads.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:33 GMT
quic-version
0x00000001
checkPixel.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 8642
126 KB
780 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
AW9CEWCiJefwVj7zcti69w==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Content-Encoding
gzip
Etag
"016F421160A225E7F0563EF372D8BAF7"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 13 Jul 2024 06:07:52 GMT
Date
Thu, 13 Jun 2024 06:07:52 GMT
x-oss-server-time
61
Last-Modified
Mon, 27 May 2024 07:18:27 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
X-NWS-LOG-UUID
15024586334926245905
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
11760214008123873659
X-Ks-Request-ID
15024586334926245905
Access-Control-Allow-Origin
*
Content-Length
39702
x-oss-request-id
666A8CB817D7F33039910062
X-Cache-Lookup
Cache Hit
Accept-Ranges
bytes
Server
Lego Server
api
ads.mythad.com/log/common/co/ Frame 8642
0
0

checkPixel.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame B5F7
126 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
AW9CEWCiJefwVj7zcti69w==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Content-Encoding
gzip
Etag
"016F421160A225E7F0563EF372D8BAF7"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 13 Jul 2024 06:07:52 GMT
Date
Thu, 13 Jun 2024 06:07:52 GMT
x-oss-server-time
61
Last-Modified
Mon, 27 May 2024 07:18:27 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
X-NWS-LOG-UUID
5708987325698140812
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
11760214008123873659
X-Ks-Request-ID
5708987325698140812
Access-Control-Allow-Origin
*
Content-Length
39702
x-oss-request-id
666A8CB817D7F33039910062
X-Cache-Lookup
Cache Hit
Accept-Ranges
bytes
Server
Lego Server
api
ads.mythad.com/log/common/co/ Frame B5F7
0
0

api
ads.mythad.com/log/common/co/ Frame
0
0

checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:33 GMT
quic-version
0x00000001
checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/
146 B
167 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ed6fabe164198237a14d62afa896f73dcde432803a322191497a79095ce5a3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
148
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
/
positivo-agora.site/ Frame 971A
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:33 GMT
server
Apache
vary
Accept-Encoding
data
ads.mythad.com/log/common/web/landingPage/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/web/landingPage/data
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:33 GMT
quic-version
0x00000001
data
ads.mythad.com/log/common/web/landingPage/ Frame
0
0

data
ads.mythad.com/log/common/web/landingPage/ Frame
0
0

data
ads.mythad.com/log/common/web/landingPage/ Frame 971A
0
0

data
ads.mythad.com/log/common/web/landingPage/ Frame 8642
0
0

data
ads.mythad.com/log/common/web/landingPage/ Frame B5F7
0
0

checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ Frame
0
0

checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ Frame 971A
0
0

checkPixel
ads.mythad.com/rest/n/adintl/ad/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixel
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:34 GMT
quic-version
0x00000001
checkPixel
ads.mythad.com/rest/n/adintl/ad/ Frame 971A
0
0

latest.js
cdn.utmify.com.br/scripts/utms/ Frame 971A
13 KB
65 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

If-None-Match
W/"3532-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:33 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXQPWAMM6AABYGDT8HWSR-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame 971A
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame 971A
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame 971A
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame 971A
31 KB
90 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

If-None-Match
W/"7cd5-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:33 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXQPZZZFH0VDJMXVKNBGE-mia
fbevents.js
connect.facebook.net/en_US/ Frame 971A
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame 971A
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f0022614536ba13c81f4cdf4ea7025dd04d5d07f2183c310b41ec1085ff2bf02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-106-22.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Wed, 18 Dec 2024 20:56:33 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=4, origin; dur=6, inner; dur=3
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
8c7a08b.3fcd173f
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e6d9984d8aced47b18bab058ef0f6b8a27ba160e108578a1f9b67abffdcd544cdbfe0e334b79ca4c209167c56c5234d469a679e59d636b4578e91655faa43259a54f972e468073af2247470ed4fe059019
x-origin-response-time
7,23.220.106.22
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241218205633B28925F30E4FC6477850-17858ECF04431426-00
content-length
2407
x-parent-response-time
9,23.218.223.71
x-tt-logid
20241218205633B28925F30E4FC6477850
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 971A
10 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

If-None-Match
"C5DC8475F5AE240BD1474B4467D9E7D8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Mon, 27 May 2024 02:52:15 GMT

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
7753382628798429879
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
Connection
close
X-Ks-Request-ID
7753382628798429879
Access-Control-Allow-Origin
*
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Server
Lego Server
442067122332003
connect.facebook.net/signals/config/ Frame 971A
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
513423641743011
connect.facebook.net/signals/config/ Frame 971A
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 971A
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555393772&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555393745&coo=false&exp=j1&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=34, mss=1232, tbw=17884, tp=64, tpl=0, uplat=1, ullat=1
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 971A
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555393772&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555393745&coo=false&exp=j1&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858686952008998"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
baBvsvUIMh2A1smxL8XG2FJiwrO9pn490gtK03Fdv/uGeNJMv7ddLJzQDqC1KV/ffWnSgSNkAvlGx5m/z+voOw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858686952008998", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=34, mss=1232, tbw=18332, tp=70, tpl=0, uplat=35, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ Frame 971A
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=1749315536.1734555394&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555393785&tfd=179&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame 971A
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555393780&cv=11&fst=1734555393780&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
92e138c88738bfd0d1aac56c7b0756a6d9564179badf0c96cf7227df95f1244c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2242
date
Wed, 18 Dec 2024 20:56:33 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame 03C6
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555393780&cv=11&fst=1734555393780&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 971A
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555393794&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555393745&coo=false&exp=j1&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=34, mss=1232, tbw=18172, tp=68, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 971A
67 B
194 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555393794&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555393745&coo=false&exp=j1&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858687938087492"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:33 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858687938087492", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
jIHGr9hlo9FsJcvMXz9M+/d4HcvZxzI3rRpocBmJCCj3j+hN02dEn4hieVHx3BXm0r/LK/OnbJg7478hnBrB+g==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=34, mss=1232, tbw=19260, tp=72, tpl=0, uplat=37, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame CD24
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 971A
201 B
210 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae83d92a798fdbfe3c4d3d4b1cd9227f6ffb0c98e5a093b609524bd8f047c2f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
191
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame 971A
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame 971A
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame 971A
0
878 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:33 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=25, inner; dur=21
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:33 GMT
x-akamai-request-id
56c6cbbf.3fcd18d1
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e654797425380266619b75d9dd2634f4b70b4cd9949c7463f5af8c5ddddb73dbd1628f867020de1a4731ee693265487c882295d19ed211d7b2de3472870cfd872b47ccfa6ff16c1b00e05466130333fee4
x-origin-response-time
25,23.220.106.7
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121820563383577594285494A02A0E-6CD3F7203A01791D-00
content-length
0
x-parent-response-time
27,23.218.223.71
x-tt-logid
2024121820563383577594285494A02A0E
server
nginx
/
www.google.com/pagead/1p-user-list/16692136603/ Frame 971A
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555393780&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dnXdkGgip6bp8j1o9WMuP0zitnhakX2bmWEC-X-zibc2CQKd4&random=3630219369&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
api.ipify.org/ Frame 971A
22 B
251 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f6c3a72743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29627&min_rtt=29009&rtt_var=751&sent=31&recv=27&lost=0&retrans=0&sent_bytes=6493&recv_bytes=2694&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=2896&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 971A
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:33 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame 971A
22 B
228 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f6ccb22743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=29584&min_rtt=29009&rtt_var=650&sent=34&recv=29&lost=0&retrans=0&sent_bytes=6810&recv_bytes=2755&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=2987&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 971A
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:34 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
positivo-agora.site/ Frame 43CD
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:33 GMT
server
Apache
vary
Accept-Encoding
latest.js
cdn.utmify.com.br/scripts/utms/ Frame 43CD
13 KB
89 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

If-None-Match
W/"3532-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:34 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXR01WCXR959DC93XDZGG-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame 43CD
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame 43CD
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame 43CD
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame 43CD
31 KB
65 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

If-None-Match
W/"7cd5-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:34 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXR02P3ZT8RXDSWNTR6D1-mia
fbevents.js
connect.facebook.net/en_US/ Frame 43CD
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame 43CD
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2f3f2e97469b49610cbf457a09558e7e4801e513b1165b758077ef1b474afad5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-106-155.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Wed, 18 Dec 2024 20:56:34 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=8, inner; dur=5
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
9024788b.3fcd1bea
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e611cd3b90ebc884f268050b015812134095aef8515a1a03aeeb4cd8ca8c7ccee62d50ac6ae8faa2fe5fdf0933e7462dc6f66613d9b909188ddb8d866ec416f5b4743901e127ca69a731f6a09d3531b01b
x-origin-response-time
8,23.220.106.155
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2412182056346B5FDC4B3F147AB4B852-185C8647483E7A7A-00
content-length
2374
x-parent-response-time
17,23.218.223.71
x-tt-logid
202412182056346B5FDC4B3F147AB4B852
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 43CD
10 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

If-None-Match
"C5DC8475F5AE240BD1474B4467D9E7D8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Mon, 27 May 2024 02:52:15 GMT

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
7999043801007088165
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
Connection
close
X-Ks-Request-ID
7999043801007088165
Access-Control-Allow-Origin
*
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Server
Lego Server
442067122332003
connect.facebook.net/signals/config/ Frame 43CD
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
act
analytics.tiktok.com/api/v2/pixel/ Frame 971A
0
720 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:34 GMT
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=11, origin; dur=18
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:34 GMT
x-akamai-request-id
3fcd1c5e
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff6ffe8a48d396423aed959c5dd74a65999961706e4294e6f5aac733414b0bfd3281e027f6427dfffa85114147fb30ea64f1c92f2a477a05c43504e9c15db4f5339
x-origin-response-time
19,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121820563415BD87715487E9969765-4BA8121F032BBCD9-00
content-length
0
x-tt-logid
2024121820563415BD87715487E9969765
server
nginx
513423641743011
connect.facebook.net/signals/config/ Frame 43CD
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 43CD
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555394063&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555394047&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=36, mss=1232, tbw=20524, tp=77, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 43CD
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555394063&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555394047&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858691602950908"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
fvgjSmbdJShOxO17bebyp8ocP97yUQ87yZkFkHiEy5fZphPqDZIZdzqQBOzvkXM72K8w56vk+CD/gdeBeTb8Bg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858691602950908", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=36, mss=1232, tbw=21004, tp=83, tpl=0, uplat=35, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ Frame 43CD
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=1161787026.1734555394&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555394073&tfd=135&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame 43CD
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555394070&cv=11&fst=1734555394070&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
2436b92b52d4d14a9d827f83d6b1b3c45ffeb1a20734067c8a766f6671c5a912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2320
date
Wed, 18 Dec 2024 20:56:34 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame ACE8
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555394070&cv=11&fst=1734555394070&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 43CD
0
21 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555394084&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555394047&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=36, mss=1232, tbw=20812, tp=81, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 43CD
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555394084&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555394047&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858691143080878"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
83fA+mwJm5eK+PpF7AKSeVaNu+LrfuWEOy2qJIRACc/iUxIOpbOYjFM49dc1L2RbtM339DwZhL+HK0CxgsE32w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858691143080878", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=36, mss=1232, tbw=21884, tp=84, tpl=0, uplat=37, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
events
tracking.utmify.com.br/tracking/v1/ Frame 971A
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:34 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame C089
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 971A
290 KB
776 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

If-None-Match
"8BACD25B485D37EB16DC48306BA2221A"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Wed, 11 Sep 2024 08:21:14 GMT

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Fri, 11 Oct 2024 08:43:00 GMT
Date
Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time
8
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
2020891204497464414
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
1814864409054748518
Connection
close
X-Ks-Request-ID
2020891204497464414
Access-Control-Allow-Origin
*
x-oss-request-id
66E15814007CA03532469C65
X-Cache-Lookup
Cache Hit
Server
Lego Server
events
tracking.utmify.com.br/tracking/v1/ Frame 971A
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:34 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame 43CD
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame 43CD
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame 43CD
0
878 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-48-249-185.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:34 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=13, origin; dur=20, inner; dur=16
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:34 GMT
x-akamai-request-id
4247a8d3.3fcd1dca
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e63a2f3c849143e4eaceb425ea42000c7c7a97e9d90e09daf64660160caf3b823a59eb86b0183b5b084c68e1bbcf69929150c6f6488f662e2510ac536e79dd7da4bfc00ab3c0cc32ae855670a0568bbc69
x-origin-response-time
20,23.48.249.185
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121820563479C3311489F34E9238DE-20A4EDF48030E9F1-00
content-length
0
x-parent-response-time
24,23.218.223.71
x-tt-logid
2024121820563479C3311489F34E9238DE
server
nginx
/
www.google.com/pagead/1p-user-list/16692136603/ Frame 43CD
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555394070&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d73IR0Ir3bDqZEVv0esW9qBspqqfT1UUTv8MiCA5pIgNawwkt&random=614565245&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
api.ipify.org/ Frame 43CD
22 B
229 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f6dccd2743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=35273&min_rtt=29009&rtt_var=11810&sent=38&recv=32&lost=0&retrans=0&sent_bytes=7104&recv_bytes=2816&delivery_rate=135030&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=3136&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 43CD
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:34 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame 43CD
22 B
228 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f6e5dca743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=33257&min_rtt=29009&rtt_var=8019&sent=42&recv=36&lost=0&retrans=0&sent_bytes=7399&recv_bytes=2877&delivery_rate=135053&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=3226&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 43CD
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:34 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 43CD
204 B
212 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a976e27a0c0b62df86d5fac7d120cd4bf8fc71ee26d589390c1d7ac1a742f93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
193
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
72 B
195 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c90494081280e68f4df7d0f8a3c9cd40028d069a54720a60e2b0c06e10d8ae8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
72
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
73 B
196 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eeb80d375efe16009a6fed72f2fe9c472c51e568c3ec2b08f820e7073d88cb78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
content-length
73
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ Frame 971A
830 B
454 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510449167530721283&pageId=pageId-1734555394279-2907568689968
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
870dd2320d6a83c65f42c34f13d495b0f5aedaba97147196641c50f02ade89cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
434
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
events
tracking.utmify.com.br/tracking/v1/ Frame 43CD
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:34 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
act
analytics.tiktok.com/api/v2/pixel/ Frame 43CD
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:34 GMT
server-timing
inner; dur=17, cdn-cache; desc=MISS, edge; dur=9, origin; dur=21
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:34 GMT
x-akamai-request-id
3fcd21a9
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff6ffe8a48d396423aed959c5dd74a65999b1f7bcac7422507ba837874faf8f8c93c5e9dfb11fb71c10371a6e38fd2142a0af432457fe2bc41fb51d8db9aedab681
x-origin-response-time
21,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121820563415BD87715487E996977B-7B0A32F46F4B0DC8-00
content-length
0
x-tt-logid
2024121820563415BD87715487E996977B
server
nginx
events
tracking.utmify.com.br/tracking/v1/ Frame 43CD
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:34 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 43CD
0
0

/
positivo-agora.site/ Frame 971A
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:34 GMT
server
Apache
vary
Accept-Encoding
data
ads.mythad.com/log/common/web/landingPage/ Frame 971A
0
0

api
ads.mythad.com/log/common/co/ Frame 971A
0
0

latest.js
cdn.utmify.com.br/scripts/utms/ Frame 971A
13 KB
64 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

If-None-Match
W/"3532-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:34 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXRN652PKFHW04220JSVW-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame 971A
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame 971A
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame 971A
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame 971A
31 KB
64 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

If-None-Match
W/"7cd5-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:34 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXRN7AKFP51G58WE06DGY-mia
fbevents.js
connect.facebook.net/en_US/ Frame 971A
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame 971A
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9a5ec3e1effe75abe3480d1266cae355e34ca3922ea92358fe277f3e454f1425

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
expires
Wed, 18 Dec 2024 20:56:34 GMT
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=8
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
3fcd2671
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff6ffe8a48d396423aed959c5dd74a65999c5050d778071c88a86b0c3c452fd9f18a89a3f9fca3e20a9193df116a7457b53c1b2f9842a7bdfedd1087c5d63836fda
x-origin-response-time
8,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24121820563415BD87715487E996978C-7EF4E4551CAC36D0-00
content-length
2374
x-tt-logid
2024121820563415BD87715487E996978C
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 971A
10 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Content-Encoding
gzip
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
X-NWS-LOG-UUID
1693483216732640791
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
X-Ks-Request-ID
1693483216732640791
Access-Control-Allow-Origin
*
Content-Length
3744
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Accept-Ranges
bytes
Server
Lego Server
442067122332003
connect.facebook.net/signals/config/ Frame 971A
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
513423641743011
connect.facebook.net/signals/config/ Frame 971A
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 971A
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555394740&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555394715&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=38, mss=1232, tbw=22956, tp=89, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 971A
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555394740&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555394715&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858692261485867"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
8kA/fK+OrLjlhEYJ+ziRTLEh/MzAWhYJaESd/bnuG112xDmQ7nR+iMGYZf60EHfNNQRbPoL7DYUSao7tS7tJuA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858692261485867", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=38, mss=1232, tbw=23436, tp=95, tpl=0, uplat=35, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ Frame 971A
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=1724571510.1734555395&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555394750&tfd=149&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame 971A
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555394746&cv=11&fst=1734555394746&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
b8d77e191d3059658b84478ad9b48e51ca5935b07d5759941f936b68c8cac25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2247
date
Wed, 18 Dec 2024 20:56:34 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame AD41
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555394746&cv=11&fst=1734555394746&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 971A
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555394759&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555394715&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=38, mss=1232, tbw=23244, tp=93, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 971A
67 B
200 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555394759&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555394715&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858691943501662"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
KYltKm4Tela0NngHarmRddwHtQBmGaltA9ouBuPSCTLNFgcFlvftNr0903cqCWTomJZBKNdXezbrsRCr7V2YgA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858691943501662", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=38, mss=1232, tbw=24316, tp=96, tpl=0, uplat=35, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 9C75
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame 971A
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame 971A
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame 971A
0
883 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:35 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=29, origin; dur=289, inner; dur=286
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:35 GMT
x-akamai-request-id
515d9f4d.3fcd27d1
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e6309fcd1c52700771c6780e328696b8c45d05a24070bb7ecefb401e07c848b8ce43b4aef1230ec6b127a9fdce0ede136eed81be163c8518724209e5f34295d5be92525a2999f04246cea3baca4d7d2f51
x-origin-response-time
289,23.220.105.68
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241218205634A45AC7EAF6176D4BA82F-6BBAE8B6042A2AB0-00
content-length
0
x-parent-response-time
305,23.218.223.71
x-tt-logid
20241218205634A45AC7EAF6176D4BA82F
server
nginx
/
www.google.com/pagead/1p-user-list/16692136603/ Frame 971A
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555394746&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dX2xqBx-vMXDq6QjosNq4WvOyYK-roriHKb4XjbR9A6yuGve9&random=2309891689&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
api.ipify.org/ Frame 971A
22 B
229 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f723b56743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=32878&min_rtt=29009&rtt_var=6771&sent=46&recv=38&lost=0&retrans=0&sent_bytes=7693&recv_bytes=2938&delivery_rate=135053&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=3852&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:34 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 971A
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:34 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame 971A
22 B
301 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f72cc24743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=32429&min_rtt=29009&rtt_var=5977&sent=49&recv=40&lost=0&retrans=0&sent_bytes=7988&recv_bytes=2999&delivery_rate=135053&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=3943&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 971A
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:35 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 971A
202 B
208 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
103bab2587d28117a40ed9e5c4276e1c4a0885cd174482bec681f3440a24ed83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
189
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
/
positivo-agora.site/ Frame AAAD
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:34 GMT
server
Apache
vary
Accept-Encoding
events
tracking.utmify.com.br/tracking/v1/ Frame 971A
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:35 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
latest.js
cdn.utmify.com.br/scripts/utms/ Frame AAAD
13 KB
64 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

If-None-Match
W/"3532-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:35 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXRYVPS3M14RH0Y3DYA4S-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame AAAD
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame AAAD
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame AAAD
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame AAAD
31 KB
88 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

If-None-Match
W/"7cd5-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:35 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXRYX279B4CNX3YAK7B24-mia
fbevents.js
connect.facebook.net/en_US/ Frame AAAD
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame AAAD
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d888ddc4ca2fe1e7c8e613dcec7b83dee6f12dc9c8571390a3b2696ce144be1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
expires
Wed, 18 Dec 2024 20:56:35 GMT
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=9
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
3fcd2c2d
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff65c7ce514bb6ca0c4f9c1819c8925b023c6f403818a4e31abce735a206b27b30ac122f073df62a9605d74ff4ffecf7a89880ddc1a55464f5117cd78fe430df991
x-origin-response-time
9,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241218205635F67194F5C0FEA69A8937-67C412C71D8B063A-00
content-length
2375
x-tt-logid
20241218205635F67194F5C0FEA69A8937
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame AAAD
10 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

If-None-Match
"C5DC8475F5AE240BD1474B4467D9E7D8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Mon, 27 May 2024 02:52:15 GMT

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
6279369245217418266
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
Connection
close
X-Ks-Request-ID
6279369245217418266
Access-Control-Allow-Origin
*
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Server
Lego Server
442067122332003
connect.facebook.net/signals/config/ Frame AAAD
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
513423641743011
connect.facebook.net/signals/config/ Frame AAAD
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame AAAD
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555395053&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555395027&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=39, mss=1232, tbw=25436, tp=102, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame AAAD
67 B
205 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555395053&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555395027&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858696229703110"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
GcL2LDvoM7MQheYeZCakGnjE/UZ9a/aiI+lDKXk8XMDe+MsVrXmlwiEko3pcC2SPuwCesbwM2jn55iJOOjNjnw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858696229703110", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=39, mss=1232, tbw=25916, tp=108, tpl=0, uplat=36, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ Frame AAAD
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=1303855719.1734555395&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555395066&tfd=136&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame AAAD
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555395061&cv=11&fst=1734555395061&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
319758850241f60f0c4c480f9c00c3826b2b4d0b4eb148a66ce5f98ecc70b13c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2322
date
Wed, 18 Dec 2024 20:56:35 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame A9B0
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555395061&cv=11&fst=1734555395061&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
act
analytics.tiktok.com/api/v2/pixel/ Frame 971A
0
878 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-48-249-138.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:35 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=24, origin; dur=19, inner; dur=14
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:35 GMT
x-akamai-request-id
16f9fa09.3fcd2c2e
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e6a1f1da43511f3fd3000856a32f7f460cbfa24cebf2c1fc634ea16890d816efd8a0a0c00cd8d55d44d3ccb86f17808413a63edffe5f12dd2632172e7e0babca326c7bf4739b7ede66957662d1dfc4f8f6
x-origin-response-time
19,23.48.249.138
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241218205635AF6BDC2240F33610B2E8-1CF8ACB162209C71-00
content-length
0
x-parent-response-time
29,23.218.223.71
x-tt-logid
20241218205635AF6BDC2240F33610B2E8
server
nginx
/
www.facebook.com/tr/ Frame AAAD
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555395077&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555395027&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=39, mss=1232, tbw=25724, tp=106, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame AAAD
67 B
209 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555395077&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555395027&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858694913436814"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ffAt0pVBDdCC27DXmlgptb+pvNLE1O5m7XuyTi2L0GwkG8g2jbRr1N/2zmL1Cq4nV33v0kkJh4c/t3ZhH85gbg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858694913436814", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=40, mss=1232, tbw=26796, tp=109, tpl=0, uplat=37, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 4B59
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
events
tracking.utmify.com.br/tracking/v1/ Frame 971A
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:35 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
/
www.google.com/pagead/1p-user-list/16692136603/ Frame AAAD
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555395061&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d86dhxS5_30CBYNy34TnTrNTHrVZ-WnxCRdyppTgugary00ES&random=2496366953&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
api.ipify.org/ Frame AAAD
22 B
228 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f73edfa743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=32038&min_rtt=29009&rtt_var=5265&sent=53&recv=42&lost=0&retrans=0&sent_bytes=8355&recv_bytes=3060&delivery_rate=135053&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=4108&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame AAAD
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:35 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame AAAD
22 B
229 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f746eca743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=31697&min_rtt=29009&rtt_var=4631&sent=56&recv=44&lost=0&retrans=0&sent_bytes=8649&recv_bytes=3121&delivery_rate=135053&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=4198&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame AAAD
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:35 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame AAAD
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame AAAD
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame AAAD
0
878 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-48-249-163.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:35 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=74, origin; dur=35, inner; dur=21
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:35 GMT
x-akamai-request-id
ba31807.3fcd2ea8
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e63d7c51edc9433a9208d628c463eb91fba241e966346eeba37ddaa86f7a8c0542d06b9c445281adfef11e827b3462c6be27adaa0e01985a937b0520cbac4969d22ad8ef4c88ff2841cfd77f5fc33cbf24
x-origin-response-time
35,23.48.249.163
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241218205635C27E4A0ACBD00F052411-55910B301EB0260F-00
content-length
0
x-parent-response-time
87,23.218.223.71
x-tt-logid
20241218205635C27E4A0ACBD00F052411
server
nginx
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame AAAD
0
0

core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 971A
290 KB
77 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
Content-Encoding
gzip
x-ks-client-ip
38.132.118.67
Etag
"8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Fri, 11 Oct 2024 08:43:00 GMT
Date
Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time
8
Last-Modified
Wed, 11 Sep 2024 08:21:14 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
5757006378696062587
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
1814864409054748518
Connection
keep-alive
Accept-Ranges
bytes
X-Ks-Request-ID
5757006378696062587
Access-Control-Allow-Origin
*
Content-Length
78021
x-oss-request-id
66E15814007CA03532469C65
X-Cache-Lookup
Cache Hit
Server
Lego Server
events
tracking.utmify.com.br/tracking/v1/ Frame AAAD
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:35 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
events
tracking.utmify.com.br/tracking/v1/ Frame AAAD
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:35 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
act
analytics.tiktok.com/api/v2/pixel/ Frame AAAD
0
877 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:35 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=17, inner; dur=13
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:35 GMT
x-akamai-request-id
56c6df8e.3fcd3078
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e654797425380266619b75d9dd2634f4b779ee2e07eaef0deedbab18cdfcfdc1237938e069b19ef1a258e6ef23376c4820e1a31c97f0ba77f6c22f80b5df9ca12ccf5ec73da361fac0d02b0b2e6173707d
x-origin-response-time
17,23.220.106.7
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412182056355035D04C57043B8AA2FC-49FCD3E91869EB4C-00
content-length
0
x-parent-response-time
22,23.218.223.71
x-tt-logid
202412182056355035D04C57043B8AA2FC
server
nginx
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
71 B
88 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec86d53bdccf598b836b8c7c91ad6dc4833cc8e1901c9fb8471a853721862129

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
71
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
quic-version
0x00000001
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
71 B
88 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec86d53bdccf598b836b8c7c91ad6dc4833cc8e1901c9fb8471a853721862129

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
71
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
quic-version
0x00000001
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ Frame 971A
829 B
456 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510449167530721283&pageId=pageId-1734555395459-3695062478120
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9bf16ebaa47139d29861b9c8cb13265e8f688d3339417e059995d3278ffb086d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
436
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame AAAD
290 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

If-None-Match
"8BACD25B485D37EB16DC48306BA2221A"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Wed, 11 Sep 2024 08:21:14 GMT

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Fri, 11 Oct 2024 08:43:00 GMT
Date
Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time
8
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
10408252969966744634
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
1814864409054748518
Connection
close
X-Ks-Request-ID
10408252969966744634
Access-Control-Allow-Origin
*
x-oss-request-id
66E15814007CA03532469C65
X-Cache-Lookup
Cache Hit
Server
Lego Server
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame AAAD
72 B
89 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
89c53b4e6f1e27143ff379e081285eb84e11cc0f378f8dd9525495153cc4e92d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
72
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
quic-version
0x00000001
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame AAAD
73 B
90 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c15395f581a2b3423e7203dc274a321c8b9fc29f404ebf4a44bffbef1c5e8b3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
73
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
quic-version
0x00000001
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ Frame AAAD
830 B
455 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510449167530721283&pageId=pageId-1734555395611-2547528745022
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c3e7845d84a88bb8cdfb2b6b8f31b8d1b44f70184247e93ef6c9dca88c919e5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
435
date
Wed, 18 Dec 2024 20:56:35 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
70 B
87 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
288e599aa574ed814d9691a4f387e470f8cb8a078b8dcec6b706930dc0754242

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
70
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
quic-version
0x00000001
api
ads.mythad.com/log/common/co/ Frame 971A
2 KB
1 KB
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa93ca87a7c3995dbf7f669a9d6b11d84c682b510389b96c7bf10786527eca7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1051
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
pixelLog
ads.mythad.com/rest/n/adintl/ad/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/pixelLog
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:36 GMT
quic-version
0x00000001
pixelLog
ads.mythad.com/rest/n/adintl/ad/ Frame
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/pixelLog
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://positivo-agora.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Wed, 18 Dec 2024 20:56:36 GMT
quic-version
0x00000001
pixelLog
ads.mythad.com/rest/n/adintl/ad/ Frame AAAD
146 B
167 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/pixelLog
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95a31d21221bd78c84be6e05785cf701b337ed0c5d72cd45517390e507641566

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
148
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
pixelLog
ads.mythad.com/rest/n/adintl/ad/ Frame AAAD
146 B
164 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/pixelLog
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da722fd03f5823d92b26ba78e55d8072638781b928760f22486d2ce6bbce08cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
145
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
api
ads.mythad.com/log/common/co/ Frame AAAD
2 KB
1 KB
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0d308ec43748c38c788061644edb69843443d9ee5f840dc0180beba0c41f76a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1058
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
0
0

/
positivo-agora.site/ Frame 971A
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:36 GMT
server
Apache
vary
Accept-Encoding
data
ads.mythad.com/log/common/web/landingPage/ Frame 971A
0
0

data
ads.mythad.com/log/common/web/landingPage/ Frame AAAD
0
0

latest.js
cdn.utmify.com.br/scripts/utms/ Frame 971A
13 KB
65 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
content-encoding
zstd
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:36 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXTK60DFQZJBTQD4KC8NT-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame 971A
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame 971A
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame 971A
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame 971A
31 KB
89 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
content-encoding
zstd
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:36 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXTKK5S2R7MXTBKM5WANF-mia
fbevents.js
connect.facebook.net/en_US/ Frame 971A
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame 971A
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dce6c374982adbe9ac0250e528d5055f8dcb262be7c80b42cc703a879d907fb9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-249-191.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Wed, 18 Dec 2024 20:56:36 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=11, origin; dur=7, inner; dur=2
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
2111866.3fcd4508
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e6a330b4188ce67fd5271e70e833d393db94e681c808e40cb72e8a2db285c9b40ed6bdc8e04cd3a6299c05cda817de2da369a7e5fd4b4822e97dcbce6a3e9cf0827232ef8dc9e5fe79d5bb32aadec7075f
x-origin-response-time
7,23.48.249.191
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241218205636E5CC9D370694C3647360-4194372E4F1FD995-00
content-length
2407
x-parent-response-time
17,23.218.223.71
x-tt-logid
20241218205636E5CC9D370694C3647360
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 971A
10 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Content-Encoding
gzip
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
X-NWS-LOG-UUID
9460892755481352482
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
X-Ks-Request-ID
9460892755481352482
Access-Control-Allow-Origin
*
Content-Length
3744
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Accept-Ranges
bytes
Server
Lego Server
collect
www.google.com/ccm/ Frame 971A
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=80701420.1734555397&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555396730&tfd=129&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame 971A
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555396727&cv=11&fst=1734555396727&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
d7bba1363ee85c89e99374143d0259cd0593ac47519f58da1e7517addead60a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2243
date
Wed, 18 Dec 2024 20:56:36 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame 89F0
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555396727&cv=11&fst=1734555396727&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
442067122332003
connect.facebook.net/signals/config/ Frame 971A
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 5163
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
513423641743011
connect.facebook.net/signals/config/ Frame 971A
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 971A
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555396766&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555396744&coo=false&exp=j0&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=40, mss=1232, tbw=27948, tp=115, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 971A
67 B
208 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555396766&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555396744&coo=false&exp=j0&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858701067432371"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
TgE1x2/pQI9eRMT30t5LAQnsFgtBbU1iOJRqCUCwmvOkpOav/3OFG/vT2SZIRaGRcgndH1vdQciCINoRn0NVhQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858701067432371", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=40, mss=1232, tbw=28428, tp=121, tpl=0, uplat=38, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' 'report-sample' 'nonce-XudoSIu0' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 971A
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555396773&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555396744&coo=false&exp=j0&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=40, mss=1232, tbw=28236, tp=119, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 971A
67 B
210 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F&if=true&ts=1734555396773&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555396744&coo=false&exp=j0&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858700389743490"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
F9LXw34D2H4+wQhqDQlSXHEmCZGXG8ZrlqyL3FRkpR31YyBSrWVGfg0K41Fv3el6TSFxo5ieRE7e8IXOVwNlDw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858700389743490", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=40, mss=1232, tbw=30668, tp=123, tpl=0, uplat=39, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.google.com/pagead/1p-user-list/16692136603/ Frame 971A
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555396727&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7drkADL71Eu9spWmGYabvThCTw1lX0rDF4YxqV8U1c6JLuXhY-&random=1762198931&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame 971A
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame 971A
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame 971A
0
880 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

x-cache-remote
TCP_MISS from a23-48-249-138.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:36 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=74, origin; dur=49, inner; dur=25
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:36 GMT
x-akamai-request-id
16f9fb5a.3fcd46f6
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e6a1f1da43511f3fd3000856a32f7f460c8f9f944d8317585cd671f18f3c8e266160827da608f228a421b4b73061ee2ee0fe8d3a44fa100da0d8157ace4a9ebbd3882bb37acd45501dd3472ce93d49f5ad
x-origin-response-time
50,23.48.249.138
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412182056362AEFB270576E649F6884-5F87E253198C8CA6-00
content-length
0
x-parent-response-time
110,23.218.223.71
x-tt-logid
202412182056362AEFB270576E649F6884
server
nginx
/
api.ipify.org/ Frame 971A
22 B
252 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f7e7e1b743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=31387&min_rtt=29009&rtt_var=4093&sent=59&recv=46&lost=0&retrans=0&sent_bytes=8944&recv_bytes=3182&delivery_rate=135053&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=5802&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 971A
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:36 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame 971A
22 B
228 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f7efecd743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=31111&min_rtt=29009&rtt_var=3620&sent=63&recv=49&lost=0&retrans=0&sent_bytes=9262&recv_bytes=3278&delivery_rate=135053&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=5880&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:36 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 971A
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:37 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 971A
203 B
211 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-216-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd2236f8d471b8e97f24dfbbd04f2c04b7113c422c541cb89dda7692ca0e14be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://positivo-agora.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
192
date
Wed, 18 Dec 2024 20:56:37 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
/
positivo-agora.site/ Frame 416E
13 KB
4 KB
Document
General
Full URL
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.217.128.200 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip200.ip-144-217-128.net
Software
Apache /
Resource Hash
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db

Request headers

Referer
https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
4505
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 20:56:37 GMT
server
Apache
vary
Accept-Encoding
act
analytics.tiktok.com/api/v2/pixel/ Frame 971A
0
721 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:37 GMT
server-timing
inner; dur=12, cdn-cache; desc=MISS, edge; dur=16, origin; dur=36
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:37 GMT
x-akamai-request-id
3fcd4a2b
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff6ffe8a48d396423aed959c5dd74a65999b1f7bcac7422507ba837874faf8f8c9303b78b79b78f807fc0f6afd23f332104c165014ef6d1a2968bc5d616e746c589
x-origin-response-time
37,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121820563715BD87715487E99697D6-7B0A32F46F4B137B-00
content-length
0
x-tt-logid
2024121820563715BD87715487E99697D6
server
nginx
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 971A
290 KB
776 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Content-Encoding
gzip
Etag
"8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Fri, 11 Oct 2024 08:43:00 GMT
Date
Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time
8
Last-Modified
Wed, 11 Sep 2024 08:21:14 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
X-NWS-LOG-UUID
8425876593540313426
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
1814864409054748518
X-Ks-Request-ID
8425876593540313426
Access-Control-Allow-Origin
*
Content-Length
78021
x-oss-request-id
66E15814007CA03532469C65
X-Cache-Lookup
Cache Hit
Accept-Ranges
bytes
Server
Lego Server
events
tracking.utmify.com.br/tracking/v1/ Frame 971A
0
0

events
tracking.utmify.com.br/tracking/v1/ Frame 971A
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:37 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
latest.js
cdn.utmify.com.br/scripts/utms/ Frame 416E
13 KB
88 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049

Request headers

If-None-Match
W/"3532-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"3532-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:37 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXV49F9YCNJAE651AN5CF-mia
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ Frame 416E
227 KB
0
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age
4963738
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230088-FRA, cache-mia-kmia1760030-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
27424
x-jsd-version
5.3.0
js
www.googletagmanager.com/gtag/ Frame 416E
284 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 20:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100217
x-xss-protection
0
server
Google Tag Manager
834c63b6-logo-branco2_105e038000000000000000.png
d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/ Frame 416E
5 KB
0
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/lp.posicard.com.br/834c63b6-logo-branco2_105e038000000000000000.png
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
max-age=31557600
x-amz-version-id
VeTjdcZoszSz81SGwK0LQYC4uJUQL6Iw
etag
"f87afa194ad83ed22bea7284e2a75640"
age
4621222
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5232
x-amz-cf-id
v7JpC4sDtaE9vtD1660X48bGPYSE16KWUCV0deGCW8Nxv-qPRAvi3A==
date
Sat, 26 Oct 2024 09:16:09 GMT
content-type
image/png
last-modified
Sat, 04 May 2024 14:19:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/ Frame 416E
31 KB
65 B
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/d5165e6e2 (2024-12-18) / Express
Resource Hash
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864

Request headers

If-None-Match
W/"7cd5-19397381ba8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Thu, 05 Dec 2024 14:27:37 GMT

Response headers

cache-control
public, max-age=0
etag
W/"7cd5-19397381ba8"
access-control-allow-credentials
true
via
2 fly.io
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:37 GMT
last-modified
Thu, 05 Dec 2024 14:27:37 GMT
x-powered-by
Express
server
Fly/d5165e6e2 (2024-12-18)
fly-request-id
01JFDRXV4AQWDDVDCJY14CTD80-mia
fbevents.js
connect.facebook.net/en_US/ Frame 416E
239 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-b9CYSiP0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4518, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
97n3rT1DJyzUX4k8m/X6oZ5NwIfxP3bboxIddl2Xm5d3zNA2zgIBbFR/wQkxal4LodJqjxdyUaHZ8hOhhwfBOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ Frame 416E
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5caea48e20276ff00ef629b2251d8f1cf02b151285c4dd0fd525b6986a23c369

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Wed, 18 Dec 2024 20:56:37 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=9, inner; dur=4
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
56c6f7c8.3fcd4d44
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa87aa593aba177866d7ab3e51434bc2e3e654797425380266619b75d9dd2634f4b75d7a9985040f876375b8293004df09e11b1d23926ae34c1ae08d87a19b752ed09343d70fa935ed2d5105bd6025d0e8f04bc1300d216aeb8a2100611d1578e4a9
x-origin-response-time
9,23.220.106.7
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24121820563704798650A3F928A5F1D2-3D2400E958EC7A30-00
content-length
2373
x-parent-response-time
13,23.218.223.71
x-tt-logid
2024121820563704798650A3F928A5F1D2
server
nginx
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 416E
10 KB
778 B
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510449167530721283&lib=kwaiq
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

If-None-Match
"C5DC8475F5AE240BD1474B4467D9E7D8"
Referer
https://positivo-agora.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
Mon, 27 May 2024 02:52:15 GMT

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
x-ks-client-ip
38.132.118.67
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Sat, 17 Aug 2024 02:58:37 GMT
Date
Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time
56
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
5070943439186395068
X-Ks-Cache
Hit from 43.152.136.155
x-oss-hash-crc64ecma
13562747518461854989
Connection
close
X-Ks-Request-ID
5070943439186395068
Access-Control-Allow-Origin
*
x-oss-request-id
669884DD46F0D734384A1FFC
X-Cache-Lookup
Cache Hit
Server
Lego Server
442067122332003
connect.facebook.net/signals/config/ Frame 416E
69 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/442067122332003?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YYw5tvJ3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70534, tp=65, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
l6EFmGzsIByVBOJ/D7B5URY9z3xceBvnghHIx850EnpaUHEUJzBtwQInHvlSyKpvIUx0Zr/hY1D5I3tNCYmvTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
513423641743011
connect.facebook.net/signals/config/ Frame 416E
25 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/513423641743011?v=2.9.179&r=stable&domain=positivo-agora.site&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-k45CTV85' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=89, mss=1232, tbw=85718, tp=80, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
ycUR4KXG/hrGH4oiZWdBQqVsPPKYm6kmCDaGLNmudEuGtj7qk86Y3hLgMxJSSpavd8KtTW/aH8m7XSKPETDXbg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ Frame 416E
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555397284&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555397255&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=40, mss=1232, tbw=31772, tp=128, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:37 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 416E
67 B
212 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=442067122332003&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555397284&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555397255&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858704610205980"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:37 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
DLIVveEJH/37ke4AJMmV+XLZ/ZkrqPy2ricyge0Bdsc7TuOGB4yQSxXHPtBowqcJ+nUt4xgheKJ271TBE2wSqA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858704610205980", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=40, mss=1232, tbw=32252, tp=134, tpl=0, uplat=36, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ Frame 416E
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=positivo-agora.site&dl=https%3A%2F%2Fpositivo-agora.site%2F&scrsrc=www.googletagmanager.com&frm=1&rnd=1395371936.1734555397&auid=1251213034.1734555391&navt=n&npa=0&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734555397294&tfd=400&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/ Frame 416E
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16692136603/?random=1734555397292&cv=11&fst=1734555397292&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
804987ddbff2faade08cb5850d2eaf93bcfd7bf162e9caf2ef9a5db3100e2c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2322
date
Wed, 18 Dec 2024 20:56:37 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16692136603
td.doubleclick.net/td/rul/ Frame 14E0
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16692136603?random=1734555397292&cv=11&fst=1734555397292&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivo-agora.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 416E
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555397305&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555397255&coo=false&rqm=GET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=40, mss=1232, tbw=32060, tp=132, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 20:56:37 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 416E
67 B
206 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=513423641743011&ev=PageView&dl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&rl=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&if=true&ts=1734555397305&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734555391187.94350451048595477&ler=empty&cdl=API_unavailable&it=1734555397255&coo=false&rqm=FGET
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449858705105638853"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 20:56:37 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
1OelkR9emXdwcI04pLlP7fjOhy21ssoeQiu6dpXezi4YK9CFwavnJ6PUKaLm/ZqUtpqx+mTEgB1QZ0ofgeGbeg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449858705105638853", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=40, mss=1232, tbw=33180, tp=136, tpl=0, uplat=37, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame C447
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fpositivo-agora.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16692136603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 20:56:31 GMT
expires
Thu, 18 Dec 2025 20:56:31 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ Frame 416E
351 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CR88BSBC77U42T4DV7H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2412101334450A9036E13F668DBA9DB7-6C1F485E56EDF85B-00
content-length
98524
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450A9036E13F668DBA9DB7
server
nginx
x-akamai-request-id
3fccef36
x-tt-trace-host
0105df65b8d3eb256649d2db999d84f8c162bef9b958a093259e05688cd7b00a198452365a04f32ae9122a6702c39b857a657d47275e8965b04b5364494419ba1755c810141d07d09fac690fdc064b6945a8fc11414c9453b70520a8e234173d9925601bb490ad2fd0334c6af2f9f93dbf475d6f8a4efc0fa1ed05c877858ad613
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ Frame 416E
146 KB
0
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

x-cache
TCP_MEM_HIT from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241115053930F1440A1907BC2E1F87C0-53204C6A16170431-00
content-length
39469
date
Wed, 18 Dec 2024 20:56:31 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115053930F1440A1907BC2E1F87C0
server
nginx
x-akamai-request-id
3fccf238
x-tt-trace-host
0167139c110bda04d3d589f2171d83f3f2788f4695a31306a6f458459465ddd1bd692c9604a3c80f6ade0fa58815c269a013806bee1358742f1f1ed6fb388f7aaef9dcfaefeed183c6e4917a1aeec161e909d8fc2dc3fa5e9dd440708e23202b65
pixel
analytics.tiktok.com/api/v2/ Frame 416E
0
720 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:37 GMT
server-timing
inner; dur=19, cdn-cache; desc=MISS, edge; dur=12, origin; dur=23
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:37 GMT
x-akamai-request-id
3fcd4eb8
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff65c7ce514bb6ca0c4f9c1819c8925b02305face8d75a53810b47cc710a4c4cb8b4b6ff4e76f8f1846b2616c98fb58640e0e83908ff5502479ed63d0283696322f
x-origin-response-time
24,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241218205637F67194F5C0FEA69A89E5-56AD81F05FF86758-00
content-length
0
x-tt-logid
20241218205637F67194F5C0FEA69A89E5
server
nginx
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
0
0

radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 971A
0
0

getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ Frame 971A
0
0

/
www.google.com/pagead/1p-user-list/16692136603/ Frame 416E
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16692136603/?random=1734555397292&cv=11&fst=1734552000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9194567860za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fpositivo-agora.site%2F&ref=https%3A%2F%2Fpositivo-agora.site%2F%3Futm_source%3Dorganic%26utm_campaign%3D%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26xcod%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR%26sck%3DorganichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1251213034.1734555391&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7ddp740PYh8_0BQin5I3nm0wMJhAbmblGfpXxmmHgY0D3I7RLb&random=2265836996&rmt_tld=0&ipr=y
Requested by
Host: positivo-agora.site
URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 20:56:37 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 416E
0
0

/
api.ipify.org/ Frame 416E
22 B
252 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f420f81fbe3743d-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=30873&min_rtt=29009&rtt_var=3192&sent=66&recv=51&lost=0&retrans=0&sent_bytes=9556&recv_bytes=3339&delivery_rate=135053&cwnd=244&unsent_bytes=0&cid=3d4617c00b5c46a8&ts=6376&x=0"
content-length
22
date
Wed, 18 Dec 2024 20:56:37 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ Frame 416E
27 B
220 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://positivo-agora.site/

Response headers

Access-Control-Allow-Origin
*
Content-Length
27
Date
Wed, 18 Dec 2024 20:56:37 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
/
api.ipify.org/ Frame 416E
0
0

/
api6.ipify.org/ Frame 416E
0
0

events
tracking.utmify.com.br/tracking/v1/ Frame
0
0

events
tracking.utmify.com.br/tracking/v1/ Frame 416E
0
0

events
tracking.utmify.com.br/tracking/v1/ Frame
0
0
Preflight
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://positivo-agora.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 18 Dec 2024 20:56:37 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
events
tracking.utmify.com.br/tracking/v1/ Frame 416E
57 B
240 B
Fetch
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.67.183.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-183-120.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://positivo-agora.site/

Response headers

access-control-allow-origin
*
content-length
57
date
Wed, 18 Dec 2024 20:56:37 GMT
etag
W/"39-d/xAmW6uFw360hLhV64n9Iy6Yns"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
act
analytics.tiktok.com/api/v2/pixel/ Frame 416E
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-107-78.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://positivo-agora.site/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Dec 2024 20:56:37 GMT
server-timing
inner; dur=23, cdn-cache; desc=MISS, edge; dur=9, origin; dur=31
x-cache
TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 18 Dec 2024 20:56:37 GMT
x-akamai-request-id
3fcd52da
access-control-allow-headers
Authorization,*
x-tt-trace-host
012abdb6ded152821aa6b54fd2c6c3aa8748030c9f1f5ba0349fe44efff681cff65c7ce514bb6ca0c4f9c1819c8925b0231c932ad09a17dd668f2f6ff447c4f69c65cb9f459aea106275de6570ac77e8407d35c3fabf456b797311a95d46187bc4
x-origin-response-time
31,23.218.223.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241218205637F67194F5C0FEA69A89F8-1A14B3A61E919AA9-00
content-length
0
x-tt-logid
20241218205637F67194F5C0FEA69A89F8
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.mythad.com
URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/co/api
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/co/api
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/co/api
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/co/api
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/web/landingPage/data
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/web/landingPage/data
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/web/landingPage/data
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/web/landingPage/data
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/web/landingPage/data
Domain
ads.mythad.com
URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Domain
ads.mythad.com
URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Domain
ads.mythad.com
URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixel
Domain
s1.kwai.net
URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510449167530721283&lib=kwaiq
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/web/landingPage/data
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/co/api
Domain
ads.mythad.com
URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Domain
logsdk.kwai-pro.com
URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/web/landingPage/data
Domain
ads.mythad.com
URL
https://ads.mythad.com/log/common/web/landingPage/data
Domain
tracking.utmify.com.br
URL
https://tracking.utmify.com.br/tracking/v1/events
Domain
logsdk.kwai-pro.com
URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Domain
logsdk.kwai-pro.com
URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Domain
ads.mythad.com
URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510449167530721283&pageId=pageId-1734555397378-5611759840631
Domain
ads.mythad.com
URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Domain
api.ipify.org
URL
https://api.ipify.org/?format=json
Domain
api6.ipify.org
URL
https://api6.ipify.org/?format=json
Domain
tracking.utmify.com.br
URL
https://tracking.utmify.com.br/tracking/v1/events
Domain
tracking.utmify.com.br
URL
https://tracking.utmify.com.br/tracking/v1/events

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| a string| pixelId function| fbq function| _fbq function| gtag object| dataLayer string| TiktokAnalyticsObject object| ttq string| KwaiAnalyticsObject object| kwaiq object| install function| mostrarPagina function| storeUTMParams object| paramsList number| itemExpInDays object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| events object| utmParams function| Radar object| core object| _WEBLOGGER function| Weblog object| checkPixel

10 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: _ttp
Value: 2qPDbuS88nFkqMYBLBQ1XQvzbY1
.positivo-agora.site/ Name: _fbp
Value: fb.1.1734555391187.94350451048595477
.positivo-agora.site/ Name: _gcl_au
Value: 1.1.1251213034.1734555391
.positivo-agora.site/ Name: _tt_enable_cookie
Value: 1
.positivo-agora.site/ Name: _ttp
Value: J8gmbd1hqKG4LQrdk3zDFdK0cql.tt.1
.doubleclick.net/ Name: IDE
Value: AHWqTUnABSRK3Q17y4geYARWrjaWSsVrb_ZdrDRnh2rTnWMgmGZxQH5KEuYMIP3U
positivo-agora.site/ Name: _did
Value: web_4361192238E67877
.positivo-agora.site/ Name: kwai_uuid
Value: fd49501156dcec17293126dcd9b355d0
.mythad.com/ Name: kwai_ckid
Value: 1734555393342_23448040093254384
.positivo-agora.site/ Name: _k_cp
Value: 1

25 Console Messages

Source Level URL
Text
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://positivo-agora.site/
Message:
Access to XMLHttpRequest at 'https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo' from origin 'https://positivo-agora.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://positivo-agora.site/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://positivo-agora.site/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A0CE1F5C360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=&sck=
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040CE1F5C360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://positivo-agora.site/?utm_source=organic&utm_campaign=&utm_medium=&utm_content=&utm_term=&xcod=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=organichQwK21wXxRhQwK21wXxRhQwK21wXxRhQwK21wXxR
Message:
Access to XMLHttpRequest at 'https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo' from origin 'https://positivo-agora.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tracking.utmify.com.br/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
analytics.tiktok.com
api.ipify.org
api6.ipify.org
cdn.jsdelivr.net
cdn.utmify.com.br
connect.facebook.net
d9hhrg4mnvzow.cloudfront.net
googleads.g.doubleclick.net
logsdk.kwai-pro.com
positivo-agora.site
s1.kwai.net
td.doubleclick.net
tracking.utmify.com.br
www.facebook.com
www.google.com
www.googletagmanager.com
ads.mythad.com
api.ipify.org
api6.ipify.org
logsdk.kwai-pro.com
s1.kwai.net
tracking.utmify.com.br
104.26.12.205
144.217.128.200
173.194.66.106
18.154.230.100
209.85.201.154
209.85.232.156
23.205.107.78
23.218.216.147
23.218.216.151
2600:1408:c400:29::17da:da50
2607:f2d8:1:3c::4
2607:f8b0:400d:c09::61
2607:f8b0:400d:c0f::9a
2a04:4e42:600::485
2a09:8280:1::2a:6f56:0
31.13.66.19
31.13.66.35
43.152.136.155
52.67.183.120
02f365d1823c5efe39d8b2bcf448b9f2ba2bc17b301ba8af6c11f942e0feb6cf
0b6e5b46d0f0717d668312586fd72c81b1a6e06e1ac30d07f0d78cdba93e1a81
103bab2587d28117a40ed9e5c4276e1c4a0885cd174482bec681f3440a24ed83
1ac68f441b2144063642f31acdacf9ea8bcd3eb891b497ea74ea40d310ad21ab
2436b92b52d4d14a9d827f83d6b1b3c45ffeb1a20734067c8a766f6671c5a912
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
288e599aa574ed814d9691a4f387e470f8cb8a078b8dcec6b706930dc0754242
29c842c0a44e841d0947c40a5b982e1a51903d92762f537d009788ec73afd514
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2f3f2e97469b49610cbf457a09558e7e4801e513b1165b758077ef1b474afad5
303b73c034d412706e754098ced35e444618190d6c839f7934b0e5859212c290
319758850241f60f0c4c480f9c00c3826b2b4d0b4eb148a66ce5f98ecc70b13c
35cf392e493ecdf15c2a6df4000033552ab48ac4305d5bc77e36cea39024b3b8
3c90494081280e68f4df7d0f8a3c9cd40028d069a54720a60e2b0c06e10d8ae8
3ed6fabe164198237a14d62afa896f73dcde432803a322191497a79095ce5a3b
41b0d7f284a80e6156d5fa90deb8cbcb7e256c65f7d862111b59eb120aa7461a
4b0da46832576ca6908beffd48764a9b07b6be8017418cd630664a5a4d95d7db
5b904781012156405dbaa1e7fb8f1d51aac6a0c9303150883cb83c73fdf07a06
5caea48e20276ff00ef629b2251d8f1cf02b151285c4dd0fd525b6986a23c369
6a976e27a0c0b62df86d5fac7d120cd4bf8fc71ee26d589390c1d7ac1a742f93
6e1ca25e21325d9dcd36f7d5007898f10f8803a5b5bc8e8666babe768b44d864
7230bb26e2608a3c2697803f70609b04e6f15f8c62da8d6576a406114c6cbb54
729926f1c51e4c5faf0607d2b93e04b427b8e7a0658e54d8a212a76832fe1343
775eadefec7389a92a319ad32360a0f87b84fb74eb2aacd15f9d41d7802bebb8
7e8ec2077cb71741fb78472792e3a7595b2244ace5072a0ad723e267802e9760
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
804987ddbff2faade08cb5850d2eaf93bcfd7bf162e9caf2ef9a5db3100e2c13
838adcbf1f412c689d5b010b7bb0a049bce9d8791ca417d0838b401a71a15049
85da2ca046ea4b5e4542c6ae49a6e7b80287436921d977f6c676de80d47c4b8e
870dd2320d6a83c65f42c34f13d495b0f5aedaba97147196641c50f02ade89cd
89c53b4e6f1e27143ff379e081285eb84e11cc0f378f8dd9525495153cc4e92d
8a5af0c02bf6e492c5b38c06c72b42a4040be78c7b40eecfe7db95da032d864e
8bc4847ec967817afd4cb58f5c9006a5997b8a388caf9f776ca43a067c261d63
92e138c88738bfd0d1aac56c7b0756a6d9564179badf0c96cf7227df95f1244c
95a31d21221bd78c84be6e05785cf701b337ed0c5d72cd45517390e507641566
9a5ec3e1effe75abe3480d1266cae355e34ca3922ea92358fe277f3e454f1425
9bf16ebaa47139d29861b9c8cb13265e8f688d3339417e059995d3278ffb086d
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
a0d308ec43748c38c788061644edb69843443d9ee5f840dc0180beba0c41f76a
a331033d2adeb8608b7d944668be44a44dc2e5d7d3779576ad33819158e1ddb8
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951
a517c712afb502641f882251b4e225cfb6898a5995eefc5d3f6a515b4a950335
a8ef36f59d0b5aeed151846908ab6971d7acd2a7ec3f93bba8fb4bc924da4957
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae83d92a798fdbfe3c4d3d4b1cd9227f6ffb0c98e5a093b609524bd8f047c2f9
b8d77e191d3059658b84478ad9b48e51ca5935b07d5759941f936b68c8cac25a
c15395f581a2b3423e7203dc274a321c8b9fc29f404ebf4a44bffbef1c5e8b3e
c3e7845d84a88bb8cdfb2b6b8f31b8d1b44f70184247e93ef6c9dca88c919e5e
c5f452a01300ae0453263cba304e4d7d3af5088b6e8e4c4be235e5556d114767
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87
d080239f3e646284ca12f80894be34bdce97d96d161a6f241a12903071680173
d53d8bd33bcaa6daf51a306d4efe28e74b0cf33cacc778049bacb97a320cd76b
d7bba1363ee85c89e99374143d0259cd0593ac47519f58da1e7517addead60a1
d888ddc4ca2fe1e7c8e613dcec7b83dee6f12dc9c8571390a3b2696ce144be1a
da279392b20bac7bbc9ed7d17ff544fd811d1723852059c04bed0e30fe5c90ca
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215
da722fd03f5823d92b26ba78e55d8072638781b928760f22486d2ce6bbce08cb
dc3e3cf56ae1ecedbd03bc12fea78a22bccc9bbc9c3f5c3e8dc9a8a2272660be
dce6c374982adbe9ac0250e528d5055f8dcb262be7c80b42cc703a879d907fb9
dd2236f8d471b8e97f24dfbbd04f2c04b7113c422c541cb89dda7692ca0e14be
e103c79b9cf9f2ab14a5107ca866ca74218e2a955d0940619dd2aee8a1823b72
e3396580d4d35bba379dfc2f41d0c23cf82f29e6310456213bb9ca56b7bc613c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec86d53bdccf598b836b8c7c91ad6dc4833cc8e1901c9fb8471a853721862129
eeb80d375efe16009a6fed72f2fe9c472c51e568c3ec2b08f820e7073d88cb78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd2b1e3981b76f15bbb0c028d6c0660fd874caa6cc0abc802c1241ad09334c5
f0022614536ba13c81f4cdf4ea7025dd04d5d07f2183c310b41ec1085ff2bf02
f66911d0a0e77e5a85dd27628439ae7163c6088fa4d013d43ab55226f3e11c56
fa93ca87a7c3995dbf7f669a9d6b11d84c682b510389b96c7bf10786527eca7a
ff6b84fdcb8caf0bd658d9f4d2db8dc9086e629002db780d6234adda2dd25e3d
ffc66b89cbd6a93ebb609555d8c57cfdf99ae108f04c6e406bebb05deffe2d73