urlscan.io logo urlscan.io
SecurityTrails logo

ws2.pelotas.com.br Open in urlscan Pro
187.86.132.228  Public Scan

Go To Rescan Add Verdict Report
URL: https://ws2.pelotas.com.br/
Submission: On October 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 18 HTTP transactions. The main IP is 187.86.132.228, located in Pelotas, Brazil and belongs to VETORIALNET INF. E SERVICOS DE INTERNET LTDA, BR. The main domain is ws2.pelotas.com.br.
TLS certificate: Issued by R11 on October 22nd 2024. Valid for: 3 months.
This is the only time ws2.pelotas.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 8 187.86.132.228 53066 (VETORIALN...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
18 9
8    187.86.132.228 (Pelotas, Brazil)

ASN53066 (VETORIALNET INF. E SERVICOS DE INTERNET LTDA, BR)
PTR: mail.pelotas.com.br
ws2.pelotas.com.br
www.pelotas.com.br
1    2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)
apis.google.com
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
8 pelotas.com.br
ws2.pelotas.com.br
www.pelotas.com.br
79 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
12 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
175 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3270
42 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
24 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222
12 KB
1 google.com
apis.google.com — Cisco Umbrella Rank: 123
24 KB
18 9
Domain Requested by
7 ws2.pelotas.com.br 3 redirects ws2.pelotas.com.br
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.youtube.com ws2.pelotas.com.br
www.youtube.com
2 www.googletagmanager.com ws2.pelotas.com.br
www.googletagmanager.com
2 stackpath.bootstrapcdn.com ws2.pelotas.com.br
1 cdnjs.cloudflare.com ws2.pelotas.com.br
1 code.jquery.com ws2.pelotas.com.br
1 www.pelotas.com.br ws2.pelotas.com.br
1 use.fontawesome.com ws2.pelotas.com.br
1 apis.google.com ws2.pelotas.com.br
18 10
Subject Issuer Validity Valid
www.cliquesaudepelotas.com.br
R11		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.apis.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
www.pelotas.com.br
R10		 2024-10-20 -
2025-01-18		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ws2.pelotas.com.br/
Frame ID: 3A32799787E9C5850765D44E9EF8AF8C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Prefeitura Municipal de Pelotas

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

78 %
HTTPS

67 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

396 kB
Transfer

1177 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ws2.pelotas.com.br/css/styles.css HTTP 302
  • https://ws2.pelotas.com.br/
Request Chain 10
  • https://ws2.pelotas.com.br/js/app.js HTTP 302
  • https://ws2.pelotas.com.br/
Request Chain 16
  • https://ws2.pelotas.com.br/favicon.ico HTTP 302
  • https://ws2.pelotas.com.br/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ws2.pelotas.com.br/ 		36 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws2.pelotas.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
187.86.132.228 Pelotas, Brazil, ASN53066 (VETORIALNET INF. E SERVICOS DE INTERNET LTDA, BR),
Reverse DNS
mail.pelotas.com.br
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8682284ae5d7aaf245de721faadb072e8a243930f307c26fa19c42e2837a8470

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
8540
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Oct 2024 05:18:20 GMT
Keep-Alive
timeout=5, max=500
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 www.cliquesaudepelotas.com.br
/
ws2.pelotas.com.br/
Redirect Chain
  • https://ws2.pelotas.com.br/css/styles.css
  • https://ws2.pelotas.com.br/
36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws2.pelotas.com.br/
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
HTTP/1.1
Server
187.86.132.228 Pelotas, Brazil, ASN53066 (VETORIALNET INF. E SERVICOS DE INTERNET LTDA, BR),
Reverse DNS
mail.pelotas.com.br
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8682284ae5d7aaf245de721faadb072e8a243930f307c26fa19c42e2837a8470

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

Cache-Control
no-cache, private
Content-Encoding
gzip
Connection
Keep-Alive
Via
1.1 www.cliquesaudepelotas.com.br
Content-Length
8540
Keep-Alive
timeout=5, max=500
Date
Mon, 28 Oct 2024 05:18:21 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
Cache-Control
no-cache, private
Location
https://ws2.pelotas.com.br/
Connection
Keep-Alive
Via
1.1 www.cliquesaudepelotas.com.br
Keep-Alive
timeout=5, max=499
Date
Mon, 28 Oct 2024 05:18:21 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
platform.js
apis.google.com/js/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fe442c392ba79a12acfdac7466b61109511238a1f5590263652c9aa6a1c8d37
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

content-encoding
gzip
etag
"9dee6abae30788e3"
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 05:18:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:18:21 GMT
content-type
text/javascript
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24185
x-xss-protection
0
server
sffe
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ws2.pelotas.com.br
Referer
https://ws2.pelotas.com.br/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
"a15c2ac3234aa8f6064ef9c1f7383c37"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 28 Oct 2024 05:18:21 GMT
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/10/2024 11:41:37
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c431c1e24557fe7d5bfc3c6c6864bc23
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d9876f54ad88dfc-MIA
access-control-allow-origin
*
cdn-edgestorageid
878
server
cloudflare
cdn-requestcountrycode
US
all.css
use.fontawesome.com/releases/v5.8.2/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ws2.pelotas.com.br
Referer
https://ws2.pelotas.com.br/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"77cbad34e5ce95e70847b074e05faeab"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kcEyeYU5%2BYsb%2FbiCNRS4f8goqYVxutRSIanKTDsFsAYHuzlFST1bgKd6cRkx7ryXs4Bg2ULofwyFfJ2E048hmAY3IhnaC0eQnEbCxYXucDADd8joyOA1ZGl9%2BuV7t6A4f8G4n3y0gfa3%2FdUYEVV824y0"}],"group":"cf-nel","max_age":604800}
cf-ray
8d9876f5a8404c10-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=30722&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4018&recv_bytes=2265&delivery_rate=131386&cwnd=253&unsent_bytes=0&cid=f1e1285e9ac3b0d4&ts=114&x=0"
date
Mon, 28 Oct 2024 05:18:21 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:57 GMT
vary
Origin, Accept-Encoding
server
cloudflare
cartao-sus.png
www.pelotas.com.br/storage/cliquesaude/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pelotas.com.br/storage/cliquesaude/cartao-sus.png
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
187.86.132.228 Pelotas, Brazil, ASN53066 (VETORIALNET INF. E SERVICOS DE INTERNET LTDA, BR),
Reverse DNS
mail.pelotas.com.br
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
096b817ba825232a0367a0203940e39d7a30364a87d590f04f9d62fe089ef88b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

ETag
"60665dcd-9f05"
Connection
Keep-Alive
Via
1.1 www.pelotas.com.br
Accept-Ranges
bytes
Content-Length
40709
Keep-Alive
timeout=5, max=500
Date
Mon, 28 Oct 2024 05:18:21 GMT
Content-Type
image/png
Last-Modified
Thu, 01 Apr 2021 23:57:01 GMT
Server
nginx/1.18.0 (Ubuntu)
jquery-3.3.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ws2.pelotas.com.br
Referer
https://ws2.pelotas.com.br/

Response headers

content-encoding
gzip
etag
W/"28feccc0-1111d"
age
4496701
x-cache
HIT, HIT
date
Mon, 28 Oct 2024 05:18:21 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
10, 94936
x-served-by
cache-lga21982-LGA, cache-mia-kmia1760054-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1730092701.055408,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
24038
server
nginx
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ws2.pelotas.com.br
Referer
https://ws2.pelotas.com.br/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fa9-520c"
age
379923
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Am5EndkzXu%2FIh4alYFulqlLggAWrkfVxJzVRkBEI%2B9NR6QoEnR7J27W1tfwVgjdX3a8sldlXOLLaUcJBDq%2BuU0TrK0BRWeS54xqSYMEFck%2BLRifn6K7HmzX%2BCarEVX4NsLp9dJ1d"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 05:18:21 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 28 Oct 2024 05:18:21 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:15:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d9876f53c80a536-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6646
server
cloudflare
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ws2.pelotas.com.br
Referer
https://ws2.pelotas.com.br/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 28 Oct 2024 05:18:21 GMT
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 12:49:09
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
cecf3c598f4b7b7f3da3318c7448e64d
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d9876f54ad98dfc-MIA
access-control-allow-origin
*
cdn-edgestorageid
975
server
cloudflare
cdn-requestcountrycode
US
js
www.googletagmanager.com/gtag/ 		221 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-110499493-1
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1cd3b802e6b4698445ea8052c9116ace428f7345546b967e2e6516bf79a63610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 05:18:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:18:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80515
x-xss-protection
0
server
Google Tag Manager
player_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
385ab9e107f7bd102c6229aeac62848250e3ea653bef4f7bd2e2f8535e7864ee
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Mon, 28 Oct 2024 05:18:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Mon, 28 Oct 2024 05:18:21 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
/
ws2.pelotas.com.br/
Redirect Chain
  • https://ws2.pelotas.com.br/js/app.js
  • https://ws2.pelotas.com.br/
36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws2.pelotas.com.br/
Requested by
Host: ws2.pelotas.com.br
URL: https://ws2.pelotas.com.br/
Protocol
HTTP/1.1
Server
187.86.132.228 Pelotas, Brazil, ASN53066 (VETORIALNET INF. E SERVICOS DE INTERNET LTDA, BR),
Reverse DNS
mail.pelotas.com.br
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8682284ae5d7aaf245de721faadb072e8a243930f307c26fa19c42e2837a8470

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

Cache-Control
no-cache, private
Content-Encoding
gzip
Connection
Keep-Alive
Via
1.1 www.cliquesaudepelotas.com.br
Content-Length
8540
Keep-Alive
timeout=5, max=497
Date
Mon, 28 Oct 2024 05:18:21 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
Cache-Control
no-cache, private
Location
https://ws2.pelotas.com.br/
Connection
Keep-Alive
Via
1.1 www.cliquesaudepelotas.com.br
Keep-Alive
timeout=5, max=498
Date
Mon, 28 Oct 2024 05:18:21 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
www-widgetapi.js
www.youtube.com/s/player/fb725ac8/www-widgetapi.vflset/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fb725ac8/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
635b2814dbecb78302d05c529bf175ef815ef51e7c344769247896504843b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

content-encoding
br
age
7234
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 28 Oct 2025 03:17:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 03:17:47 GMT
last-modified
Wed, 23 Oct 2024 04:16:42 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10143
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		275 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FCNV44YCFW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-110499493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6b7c7e0782fa6ee72575d4307a5ab07dbc9379a645c4cb408e5a2bf95f8b893
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 05:18:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:18:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98063
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-110499493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

content-encoding
gzip
age
4337
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 06:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 04:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FCNV44YCFW&gtm=45je4ao0v9122489063za200&_p=1730092701474&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848&cid=1306831150.1730092702&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1730092701&sct=1&seg=0&dl=https%3A%2F%2Fws2.pelotas.com.br%2F&dt=Prefeitura%20Municipal%20de%20Pelotas&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1825
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FCNV44YCFW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://ws2.pelotas.com.br
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:18:21 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=399701584&t=pageview&_s=1&dl=https%3A%2F%2Fws2.pelotas.com.br%2F&ul=en-us&de=UTF-8&dt=Prefeitura%20Municipal%20de%20Pelotas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=734481027&gjid=678688296&cid=1306831150.1730092702&tid=UA-110499493-1&_gid=1978012339.1730092702&_r=1&gtm=457e4ao0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848&jsscut=1&z=1002258714
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ws2.pelotas.com.br/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:18:21 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://ws2.pelotas.com.br
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
/
ws2.pelotas.com.br/
Redirect Chain
  • https://ws2.pelotas.com.br/favicon.ico
  • https://ws2.pelotas.com.br/
36 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ws2.pelotas.com.br/
Protocol
HTTP/1.1
Server
187.86.132.228 Pelotas, Brazil, ASN53066 (VETORIALNET INF. E SERVICOS DE INTERNET LTDA, BR),
Reverse DNS
mail.pelotas.com.br
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8682284ae5d7aaf245de721faadb072e8a243930f307c26fa19c42e2837a8470

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ws2.pelotas.com.br/

Response headers

Cache-Control
no-cache, private
Content-Encoding
gzip
Connection
Keep-Alive
Via
1.1 www.cliquesaudepelotas.com.br
Content-Length
8540
Keep-Alive
timeout=5, max=495
Date
Mon, 28 Oct 2024 05:18:22 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
Cache-Control
no-cache, private
Location
https://ws2.pelotas.com.br/
Connection
Keep-Alive
Via
1.1 www.cliquesaudepelotas.com.br
Keep-Alive
timeout=5, max=496
Date
Mon, 28 Oct 2024 05:18:22 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| gapi object| ___jsl function| $ function| jQuery function| Popper object| bootstrap function| gtag object| dataLayer string| buscador_base_uri string| _token object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

9 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: ypPHgaSoq6Y
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 46erb_-BlQw
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgag%3D%3D
.pelotas.com.br/ Name: _ga_FCNV44YCFW
Value: GS1.1.1730092701.1.0.1730092701.0.0.0
.pelotas.com.br/ Name: _ga
Value: GA1.3.1306831150.1730092702
.pelotas.com.br/ Name: _gid
Value: GA1.3.1978012339.1730092702
.pelotas.com.br/ Name: _gat_gtag_UA_110499493_1
Value: 1
ws2.pelotas.com.br/ Name: XSRF-TOKEN
Value: eyJpdiI6Im53cTlnSE5jcjg4UGptYU1FZTU0TGc9PSIsInZhbHVlIjoiR3VyQ0FnMFVpcmFvN3hLVjRGT2xVM3NKbWt6WGlcL2xtVDNqVmN1YWpnNXJLVzdZZTVBMHVuMWg3NFVYTkc2WWdcL0x2NGRuQjNFd3c0M3B6aDRlTHE2UT09IiwibWFjIjoiODQ2NDdjYTIyNGU3NDk5ZTE5Y2Q0YWY4ZmQ1MGQyZTc3NGYxNzhkMjBmZDhkYmVjZTdlNjE3NDZhNDY1MmExMCJ9
ws2.pelotas.com.br/ Name: laravel_session
Value: eyJpdiI6IldzSkszYmdHUGljRnQrMDRMcEZIbWc9PSIsInZhbHVlIjoieUQwZnpQVUNBc1Z4ek5KMGh2akpwdEdpeFZpc3lrXC9UWHdiU3ZHSnlDRHZ1RUY3YnRSRTVcL2xpTkFWRGM2MmtVWEhucG9ycXlMbHNyMG8xNDVISkpMQT09IiwibWFjIjoiMTFhZjZiNzVlNzJkMzZlM2M4MDA2NjRjMDE5YTdhNzJlMjFjZjZlMDE0ZWRhNGVjYTI4ZTBjOGY2ZGU0M2VmYSJ9

2 Console Messages

Source Level URL
Text
security warning URL: https://ws2.pelotas.com.br/
Message:
Mixed Content: The page at 'https://ws2.pelotas.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.pelotas.com.br/storage/cliquesaude/cartao-sus.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ws2.pelotas.com.br/(Line 466)
Message:
Mixed Content: The page at 'https://ws2.pelotas.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.pelotas.com.br/storage/cliquesaude/cartao-sus.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html