urlscan.io logo urlscan.io
SecurityTrails logo

www.pendente-valoresbx.com Open in urlscan Pro
76.76.21.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pendente-valoresbx.com/
Effective URL: https://www.pendente-valoresbx.com/
Submission Tags: suspect
Submission: On October 11 via api from BR — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 22 HTTP transactions. The main IP is 76.76.21.98, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.pendente-valoresbx.com.
TLS certificate: Issued by R10 on October 10th 2024. Valid for: 3 months.
This is the only time www.pendente-valoresbx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 76.76.21.98 16509 (AMAZON-02)
1 173.194.68.95 15169 (GOOGLE)
2 157.240.229.1 32934 (FACEBOOK)
1 173.194.68.91 15169 (GOOGLE)
1 13.107.253.38 8075 (MICROSOFT...)
2 104.26.12.205 13335 (CLOUDFLAR...)
3 173.194.175.94 15169 (GOOGLE)
1 2 34.136.124.210 396982 (GOOGLE-CL...)
2 162.159.138.232 13335 (CLOUDFLAR...)
2 157.240.229.17 32934 (FACEBOOK)
2 157.240.229.35 32934 (FACEBOOK)
22 12
5    76.76.21.98 (Walnut, United States)

ASN16509 (AMAZON-02, US)
pendente-valoresbx.com
www.pendente-valoresbx.com
1    173.194.68.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f95.1e100.net
fonts.googleapis.com
2    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
1    173.194.68.91 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f91.1e100.net
www.youtube.com
1    13.107.253.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bcb.gov.br
2    104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
3    173.194.175.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f94.1e100.net
fonts.gstatic.com
2    34.136.124.210 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 210.124.136.34.bc.googleusercontent.com
api.hackertarget.com
2    162.159.138.232 (None, )

ASN13335 (CLOUDFLARENET, US)
canary.discord.com
2    157.240.229.17 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-02-iad3.facebook.com
graph.facebook.com
2    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
5 pendente-valoresbx.com
pendente-valoresbx.com
www.pendente-valoresbx.com
240 KB
4 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 185
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
3 gstatic.com
fonts.gstatic.com
42 KB
2 discord.com
canary.discord.com — Cisco Umbrella Rank: 310383
2 hackertarget.com
api.hackertarget.com — Cisco Umbrella Rank: 679593
486 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2041
227 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
1 bcb.gov.br
www.bcb.gov.br — Cisco Umbrella Rank: 414901
4 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
0 Failed
function sub() { [native code] }. Failed
22 11
Domain Requested by
4 www.pendente-valoresbx.com www.pendente-valoresbx.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com
2 graph.facebook.com www.pendente-valoresbx.com
2 canary.discord.com www.pendente-valoresbx.com
2 api.hackertarget.com 1 redirects www.pendente-valoresbx.com
2 api.ipify.org www.pendente-valoresbx.com
2 connect.facebook.net www.pendente-valoresbx.com
connect.facebook.net
1 www.bcb.gov.br www.pendente-valoresbx.com
1 www.youtube.com www.pendente-valoresbx.com
1 fonts.googleapis.com www.pendente-valoresbx.com
1 pendente-valoresbx.com 1 redirects
0 localhost Failed connect.facebook.net
22 13

This site contains no links.

Subject Issuer Validity Valid
*.pendente-valoresbx.com
R10		 2024-10-10 -
2025-01-08		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-20 -
2024-10-18		 3 months crt.sh
*.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.bcb.gov.br
Thawte TLS RSA CA G1		 2024-06-06 -
2025-07-07		 a year crt.sh
ipify.org
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
discord.com
WE1		 2024-09-19 -
2024-12-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.pendente-valoresbx.com/
Frame ID: 8F8E86D64549F51EDC147EEF994B2CB6
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vDmpo4d8Gw4
Frame ID: 252D6064A23E487EAD17E9A82172CD76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Valores a receber

Page URL History Show full URLs

  1. http://pendente-valoresbx.com/ HTTP 307
    https://pendente-valoresbx.com/ HTTP 308
    https://www.pendente-valoresbx.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

22
Requests

91 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

363 kB
Transfer

1173 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pendente-valoresbx.com/ HTTP 307
    https://pendente-valoresbx.com/ HTTP 308
    https://www.pendente-valoresbx.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://api.hackertarget.com/geoip?q=154.47.17.57&output=json HTTP 301
  • https://api.hackertarget.com/geoip/?q=154.47.17.57&output=json

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.pendente-valoresbx.com/
Redirect Chain
  • http://pendente-valoresbx.com/
  • https://pendente-valoresbx.com/
  • https://www.pendente-valoresbx.com/
759 B
912 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pendente-valoresbx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
31d11c58ebaf8a3c51240a7943ed7b85e3c2677f0c454cd163855beee8622512
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
6691
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-length
759
content-type
text/html; charset=utf-8
date
Fri, 11 Oct 2024 15:15:41 GMT
etag
"4b5dfcc65bfea7b71b9bd9de7a2578fa"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
iad1::vdnq6-1728659741708-f7eb3f1b9056

Redirect headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html
date
Fri, 11 Oct 2024 15:15:41 GMT
location
https://www.pendente-valoresbx.com/
refresh
0;url=https://www.pendente-valoresbx.com/
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-id
iad1::ntsqf-1728659741391-4b215060bb92
css2
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f95.1e100.net
Software
ESF /
Resource Hash
10bd8dd88fe1c8df3706fcc437d59a0a3b02a8edf06c13be2d39a17adf4694c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.pendente-valoresbx.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 15:15:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 15:15:41 GMT
content-type
text/css; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index-G1rF9m21.js
www.pendente-valoresbx.com/assets/ 		800 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pendente-valoresbx.com/assets/index-G1rF9m21.js
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7347c468edc4fada4f8a6de0b7d7a6d4361d9cdaf5e5c03a239d76659e2cf7ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.pendente-valoresbx.com
Referer
https://www.pendente-valoresbx.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"76a8e4cbf4685efc43edc4214476cc04"
age
1357
access-control-allow-origin
*
date
Fri, 11 Oct 2024 15:15:41 GMT
content-disposition
inline; filename="index-G1rF9m21.js"
content-type
application/javascript; charset=utf-8
server
Vercel
x-vercel-id
iad1::2s5cs-1728659741796-6b940f8dd150
index-BS0aTWlm.css
www.pendente-valoresbx.com/assets/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pendente-valoresbx.com/assets/index-BS0aTWlm.css
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c074c430bae2739883be25f3c21817b62ec220e7c587363d29d5ebc36a113fd4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.pendente-valoresbx.com
Referer
https://www.pendente-valoresbx.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"cfd5bc10849fda792172fb3974177492"
age
1357
access-control-allow-origin
*
date
Fri, 11 Oct 2024 15:15:41 GMT
content-disposition
inline; filename="index-BS0aTWlm.css"
content-type
text/css; charset=utf-8
server
Vercel
x-vercel-id
iad1::v875c-1728659741796-22d341db8a0f
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/assets/index-G1rF9m21.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.pendente-valoresbx.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 15:15:42 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4426, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
2xfS8T+/fVCysR/t+Ot2a/dW7kVDpvL6zau4FHrTONi1yF4E3jWwvAXsfoYkn0QrMUzPL02ajc/D36S9fgsXpQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
vDmpo4d8Gw4
www.youtube.com/embed/ Frame 252D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/vDmpo4d8Gw4
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/assets/index-G1rF9m21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f91.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pendente-valoresbx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 11 Oct 2024 15:15:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
990a8455d516de7f8088ce1149963c50dd1f2da714d6bf74b520b7346c8addd5

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer

Response headers

Content-Type
image/svg+xml
logo-bcb.svg
www.bcb.gov.br/assets/svg/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bcb.gov.br/assets/svg/logo-bcb.svg
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5b97e3e3e7e5f359585215dcd7d33eafeb44468bf643492cccbc4fbea4e3cd22
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.pendente-valoresbx.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
x-cache-info
L1_T2
cache-control
max-age=2592000
etag
"beba9f20fe18db1:0"
x-fd-int-roxy-purgeid
77418665
accept-ranges
bytes
x-cache
TCP_HIT
content-length
4078
date
Fri, 11 Oct 2024 15:15:42 GMT
content-type
image/svg+xml
last-modified
Mon, 07 Oct 2024 21:16:08 GMT
x-azure-ref
20241011T151542Z-174b7fcd4f8g8hs6xtb6vvs61000000000k0000000001n9t
frame-ancestors
'self' https://*.bcb.gov.br
/
api.ipify.org/ 		21 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/assets/index-G1rF9m21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44f6aaac092e60a7e033a70487d4ec7fc5de9f254a03d565022d3fcab66d5cb4

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Accept
application/json, text/plain, */*
Referer
https://www.pendente-valoresbx.com/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d0fce9d0cbfac96-YYZ
access-control-allow-origin
*
content-length
21
date
Fri, 11 Oct 2024 15:15:42 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api.ipify.org/ 		21 B
73 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/assets/index-G1rF9m21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44f6aaac092e60a7e033a70487d4ec7fc5de9f254a03d565022d3fcab66d5cb4

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.pendente-valoresbx.com/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d0fce9d8d46ac96-YYZ
access-control-allow-origin
*
content-length
21
date
Fri, 11 Oct 2024 15:15:42 GMT
content-type
application/json
vary
Origin
server
cloudflare
4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f94.1e100.net
Software
sffe /
Resource Hash
f333e1585f5495ef86fb36a5ccbc84efbc2ff3c56d95411618688fd2cdd9cbb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.pendente-valoresbx.com
Referer
https://fonts.googleapis.com/

Response headers

age
269373
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 12:26:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 12:26:09 GMT
last-modified
Wed, 27 Apr 2022 16:53:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14244
x-xss-protection
0
server
sffe
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f94.1e100.net
Software
sffe /
Resource Hash
0903c47e44202c72ad2ee0563b2a05b063bf3cacfe050a4ce5775658e680cab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.pendente-valoresbx.com
Referer
https://fonts.googleapis.com/

Response headers

age
302787
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 03:09:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 03:09:15 GMT
last-modified
Wed, 27 Apr 2022 16:21:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14928
x-xss-protection
0
server
sffe
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f94.1e100.net
Software
sffe /
Resource Hash
c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.pendente-valoresbx.com
Referer
https://fonts.googleapis.com/

Response headers

age
241047
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 20:18:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 20:18:15 GMT
last-modified
Wed, 27 Apr 2022 17:00:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14124
x-xss-protection
0
server
sffe
838509878432057
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/838509878432057?v=2.9.170&r=stable&domain=www.pendente-valoresbx.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
08541441e3b50050e0271327118d64de9a2660923b0dc49ffe3a77d2925cd732
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.pendente-valoresbx.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 15:15:42 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=74, mss=1232, tbw=67194, tp=62, tpl=0, uplat=99, ullat=1
pragma
public
x-fb-debug
UH+85DhCR69q9YE9YRPfNOscfzUdZ0N16tFjK8yDKDkRTp8JCA1AJtuGb65f500J9Sgd6MjkqzW3bRKgyPn5rg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
api.hackertarget.com/geoip/
Redirect Chain
  • https://api.hackertarget.com/geoip?q=154.47.17.57&output=json
  • https://api.hackertarget.com/geoip/?q=154.47.17.57&output=json
116 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hackertarget.com/geoip/?q=154.47.17.57&output=json
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/
Protocol
H2
Server
34.136.124.210 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
210.124.136.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9d466b5bd6996ed8dd32beb518d741cd13c787fedaa86910207a10a1f2875c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer

Response headers

x-api-count
0
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-origin
*
content-length
116
x-api-quota
51
date
Fri, 11 Oct 2024 15:15:44 GMT
content-type
text/plain; charset=utf-8
x-api-boost
0
server
nginx
x-frame-options
DENY

Redirect headers

location
/geoip/?q=154.47.17.57&output=json
referrer-policy
same-origin
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
0
date
Fri, 11 Oct 2024 15:15:43 GMT
content-type
text/html; charset=utf-8
server
nginx
_VTg9ugUyOmPXvX_FtgfHmEf6MqZAx7H73di1RsAJlST_bp9STpsR9M1YM3mQKoRthWa
canary.discord.com/api/webhooks/1293991933626028052/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://canary.discord.com/api/webhooks/1293991933626028052/_VTg9ugUyOmPXvX_FtgfHmEf6MqZAx7H73di1RsAJlST_bp9STpsR9M1YM3mQKoRthWa
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/assets/index-G1rF9m21.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/json
Referer
https://www.pendente-valoresbx.com/

Response headers

access-control-expose-headers
Retry-After, X-RateLimit-Global, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Reset-After, X-RateLimit-Bucket, X-RateLimit-Scope, Date
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJFqe4yxEL%2BEzDUNdzEy1SVdZ1ZUhpKWdFSXb%2FCCSJ2%2FNO3%2FwNBOSoG6zAdQLLXMRSK1XaMocHUUvffBMiULz7u6Faw54taK1jNB6Too5q5UBMZVHn%2BXl6lnWTagjekf0QMg3g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 15:15:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-ratelimit-reset-after
1
reporting-endpoints
csp-sentry=https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870
content-security-policy
frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-ratelimit-reset
1728659744
via
1.1 google
cf-ray
8d0fce9efaaba232-YYZ
x-ratelimit-remaining
4
access-control-allow-origin
https://www.pendente-valoresbx.com
x-ratelimit-limit
5
x-ratelimit-bucket
3d2712a9e4fe17cc9d3fed4a8e672e5f
server
cloudflare
_VTg9ugUyOmPXvX_FtgfHmEf6MqZAx7H73di1RsAJlST_bp9STpsR9M1YM3mQKoRthWa
canary.discord.com/api/webhooks/1293991933626028052/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://canary.discord.com/api/webhooks/1293991933626028052/_VTg9ugUyOmPXvX_FtgfHmEf6MqZAx7H73di1RsAJlST_bp9STpsR9M1YM3mQKoRthWa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.pendente-valoresbx.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
access-control-allow-origin
https://www.pendente-valoresbx.com
allow
GET, PATCH, DELETE, POST, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d0fce9e5a32a232-YYZ
content-encoding
br
content-security-policy
frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870
content-type
text/html; charset=utf-8
date
Fri, 11 Oct 2024 15:15:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mk%2B8JzRGeyud7sPn7yNDkMQZiy7c3%2FYjD%2FVe0ZuUS4AjN3t0%2BWEh%2F2WdioiClPvwIzTEgK96h0MJjsBpDo5qPAyxXPQlHgDMmy9Jb5JUF4ck%2BhchYkbhlpmfyyYzi83gTDfVnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
reporting-endpoints
csp-sentry=https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
favicon.png
www.pendente-valoresbx.com/ 		300 B
460 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pendente-valoresbx.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b016e3c5ff9cc03c861628a4d666e1e12904c3cbc4f08c55a8df94b6da8acf59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.pendente-valoresbx.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
x-vercel-cache
HIT
etag
"1fecf687eafeb32015eb306f8278e02e"
age
3363
accept-ranges
bytes
access-control-allow-origin
*
content-length
300
date
Fri, 11 Oct 2024 15:15:44 GMT
content-disposition
inline; filename="favicon.png"
content-type
image/png
server
Vercel
x-vercel-id
iad1::bf5jb-1728659744587-09d8dfb574d5
events
graph.facebook.com/v16.0/838509878432057/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/v16.0/838509878432057/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.17 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-02-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.pendente-valoresbx.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-type
application/json; charset=UTF-8
date
Fri, 11 Oct 2024 15:15:44 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v16.0
pragma
no-cache
priority
u=1,i
strict-transport-security
max-age=15552000; preload
vary
Origin
x-ad-api-version-warning
You are calling a deprecated version of the Ads API.
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4429, tp=9, tpl=0, uplat=8, ullat=0
x-fb-debug
YbTRPh+79xdvAZDaCVQ1KNN+rbrMXYkyJIrd7u3EfdqHSNP2ysbXFGdEBEsDEBzzB4Xuc/Ng/stRio0K9grLuw==
x-fb-request-id
AIZwgnElUX-_27tkB_fcgAy
x-fb-rev
1017265572
x-fb-trace-id
CAhuADuyjVq
events
graph.facebook.com/v16.0/838509878432057/ 		101 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/v16.0/838509878432057/events
Requested by
Host: www.pendente-valoresbx.com
URL: https://www.pendente-valoresbx.com/assets/index-G1rF9m21.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.17 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-02-iad3.facebook.com
Software
/
Resource Hash
859e341120efdeed0294c979004a21ad6f97c64a103515dae1fd00c57782a49c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.pendente-valoresbx.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
x-fb-trace-id
Am58HoMXTzx
facebook-api-version
v16.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 15:15:45 GMT
content-type
application/json
vary
Origin
x-fb-debug
4k8xWpiVPbI68mvbuU4u86OBNvyHsX00hM50IVU6GKzj/+dYLPEDYkDy1ytFU0HEKs5WBZhdr7xYCemXCngdHw==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
x-fb-rev
1017265572
cache-control
private, no-cache, no-store, must-revalidate
x-ad-api-version-warning
You are calling a deprecated version of the Ads API.
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=24, mss=1232, tbw=5149, tp=12, tpl=0, uplat=55, ullat=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-fb-request-id
AsffNpP-_TaZIRy3JwzbiOT
access-control-allow-origin
*
content-length
101
/
localhost/ 		0
0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=838509878432057&ev=PageView&dl=https%3A%2F%2Fwww.pendente-valoresbx.com%2F&rl=&if=false&ts=1728659745110&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728659745107.743674563674490715&ler=empty&cdl=API_unavailable&it=1728659742265&coo=false&chmd=&chpv=&chfv=undefined&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.pendente-valoresbx.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1316, tbw=2916, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 11 Oct 2024 15:15:45 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=838509878432057&ev=PageView&dl=https%3A%2F%2Fwww.pendente-valoresbx.com%2F&rl=&if=false&ts=1728659745110&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728659745107.743674563674490715&ler=empty&cdl=API_unavailable&it=1728659742265&coo=false&chmd=&chpv=&chfv=undefined&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.pendente-valoresbx.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 15:15:45 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
/MuLILFYqWosPf2/LppBkDiVjjGUWHs6z2iBCGwOeObr4hICCtOiBEQYWx1VjrAXmC+MsI9dmt8a1dKWiTx+pw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1316, tbw=3234, tp=-1, tpl=-1, uplat=9, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
localhost
URL
http://localhost:12387/?aid=fb.1.1728659745107.743674563674490715

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| __reactRouterVersion function| fbq function| _fbq

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 9e0ShjNQDt8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: YTuzBbgEx2s
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDQRIEGgAgQg%3D%3D
.pendente-valoresbx.com/ Name: _fbp
Value: fb.1.1728659745107.743674563674490715

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hackertarget.com
api.ipify.org
canary.discord.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
localhost
pendente-valoresbx.com
www.bcb.gov.br
www.facebook.com
www.pendente-valoresbx.com
www.youtube.com
localhost
104.26.12.205
13.107.253.38
157.240.229.1
157.240.229.17
157.240.229.35
162.159.138.232
173.194.175.94
173.194.68.91
173.194.68.95
34.136.124.210
76.76.21.98
08541441e3b50050e0271327118d64de9a2660923b0dc49ffe3a77d2925cd732
0903c47e44202c72ad2ee0563b2a05b063bf3cacfe050a4ce5775658e680cab9
10bd8dd88fe1c8df3706fcc437d59a0a3b02a8edf06c13be2d39a17adf4694c6
31d11c58ebaf8a3c51240a7943ed7b85e3c2677f0c454cd163855beee8622512
44f6aaac092e60a7e033a70487d4ec7fc5de9f254a03d565022d3fcab66d5cb4
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
5b97e3e3e7e5f359585215dcd7d33eafeb44468bf643492cccbc4fbea4e3cd22
7347c468edc4fada4f8a6de0b7d7a6d4361d9cdaf5e5c03a239d76659e2cf7ba
859e341120efdeed0294c979004a21ad6f97c64a103515dae1fd00c57782a49c
990a8455d516de7f8088ce1149963c50dd1f2da714d6bf74b520b7346c8addd5
9d466b5bd6996ed8dd32beb518d741cd13c787fedaa86910207a10a1f2875c47
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b016e3c5ff9cc03c861628a4d666e1e12904c3cbc4f08c55a8df94b6da8acf59
c074c430bae2739883be25f3c21817b62ec220e7c587363d29d5ebc36a113fd4
c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f333e1585f5495ef86fb36a5ccbc84efbc2ff3c56d95411618688fd2cdd9cbb7