myadvancecare.advancecare.com Open in urlscan Pro
94.46.251.252  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Show response myadvancecare.advancecare.com/vl/	72 KB 9 KB	1420ms 717ms	Document text/html	94.46.251.252 MGONCALVES
General Check archive.org Show headers Download Go to Full URL https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.46.251.252 Matosinhos Municipality, Portugal, ASN41962 (MGONCALVES, PT), Reverse DNS serv22.1-hostingservice.com Software nginx / Resource Hash c63569b9a7ce089be731a51d3e1f74991ddfd1171bfa4b5409588790abcfe04f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 no-cache, must-revalidate, max-age=0 content-encoding gzip content-length 8504 content-type text/html; charset=UTF-8 date Tue, 14 Jun 2022 13:29:57 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding
GET H/1.1	200 OK	Email-Mudar-Ganhar advancecare.pt/-/media/images/	163 KB 164 KB	993ms 68ms	Image image/jpeg	13.74.9.47 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://advancecare.pt/-/media/images/Email-Mudar-Ganhar Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.74.9.47 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software ADV/HTTPD / Resource Hash ef2de29b6dae6b7dceb5db2ff1bba4b0fe745da6bd24ba41ade4630a0459afdd Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Tue, 14 Jun 2022 13:29:57 GMT Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff Content-Disposition inline; filename="Email-Mudar-Ganhar.jpg" Connection Keep-Alive Vary Origin Content-Length 166872 X-XSS-Protection 1; mode=block Request-Context appId=cid-v1:68bc5c27-003b-4ed8-a852-af1b18c5fa79 Access-Control-Allow-Headers Origin, Authorization, Accept Last-Modified Tue, 17 May 2022 13:20:13 GMT Server ADV/HTTPD ETag cabbcfea23fd4184a8d130103eae8710 Access-Control-Max-Age 600 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT Content-Type image/jpeg Access-Control-Expose-Headers Content-Security-Policy, Location Cache-Control public, max-age=604800 Access-Control-Allow-Credentials true Accept-Ranges bytes Keep-Alive timeout=5, max=500
GET H2	200	img-border-blue.png mudareganhar.pt/Emails2022/img/	1 KB 2 KB	236ms 73ms	Image image/png	13.107.246.67 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://mudareganhar.pt/Emails2022/img/img-border-blue.png Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.246.67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5202a025c447a9ac30f8d1dfcb345f427838971b8d3c846c9f74a648f61282ef Security Headers Name Value Strict-Transport-Security max-age=10886400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=10886400 x-content-type-options nosniff last-modified Wed, 02 Feb 2022 13:03:01 GMT x-azure-ref-originshield 0WkWoYgAAAAATCdCE0sKcT5uSRQv5AYunQU1TMDRFREdFMTkxOAA1N2UxODQyOS1kOGJjLTQyZjAtOGNiOS01YTIzZGY4NTc5YzQ= etag "25f52a353518d81:0" x-frame-options SAMEORIGIN x-cache TCP_HIT content-type image/png cache-control max-age=691200 date Tue, 14 Jun 2022 13:29:57 GMT x-azure-ref 0VY2oYgAAAACIAwz7isHsSL/r9aQ4Hl0bQkVSMzBFREdFMDQwNwA1N2UxODQyOS1kOGJjLTQyZjAtOGNiOS01YTIzZGY4NTc5YzQ= accept-ranges bytes content-length 1335 x-xss-protection 1; mode=block
GET H/1.1	200 OK	Mudar-e-Ganhar-Comece-Ja www.advancecare.pt/-/media/images/	7 KB 8 KB	246ms 111ms	Image image/png	13.74.9.47 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.advancecare.pt/-/media/images/Mudar-e-Ganhar-Comece-Ja Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.74.9.47 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software ADV/HTTPD / Resource Hash 359f5cdce0d843d6472ab1bc7d1fe8f7258e6d5b0fd9866825e5725cb2ec1165 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Tue, 14 Jun 2022 13:29:57 GMT Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff Content-Disposition inline; filename="Mudar-e-Ganhar-Comece-Ja.png" Connection Keep-Alive Vary Origin Content-Length 6814 X-XSS-Protection 1; mode=block Request-Context appId=cid-v1:68bc5c27-003b-4ed8-a852-af1b18c5fa79 Access-Control-Allow-Headers Origin, Authorization, Accept Last-Modified Fri, 01 Apr 2022 17:35:07 GMT Server ADV/HTTPD ETag 189b5f7dea6f42289a94bf2352a04594 Access-Control-Max-Age 600 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT Content-Type image/png Access-Control-Expose-Headers Content-Security-Policy, Location Cache-Control public, max-age=604800 Access-Control-Allow-Credentials true Accept-Ranges bytes Keep-Alive timeout=5, max=500
GET H2	200	jquery-1.7.2.js Show response code.jquery.com/	247 KB 72 KB	101ms 41ms	Script application/javascript	2001:4de0:ac18::1:a:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.7.2.js Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 1717ea1fde8ceb7584341a24efc85c853083c660a1185968fbf94520f7193de2 Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 13:29:57 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-3dbd1" vary Accept-Encoding x-hw 1655213397.dop112.am5.t,1655213397.cds263.am5.hn,1655213397.cds287.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 73547
GET H2	200	alerta_bt_fechar_alpha.png myadvancecare.advancecare.com/pub/images/	384 B 504 B	51ms 50ms	Image image/png	94.46.251.252 MGONCALVES
General Check archive.org Show headers Download Go to Show image Full URL https://myadvancecare.advancecare.com/pub/images/alerta_bt_fechar_alpha.png Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.46.251.252 Matosinhos Municipality, Portugal, ASN41962 (MGONCALVES, PT), Reverse DNS serv22.1-hostingservice.com Software nginx / Resource Hash 6de7179921b4a79025c02dca78125df7682db22c6954550ecc564c1be43c6c23 Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 13:29:57 GMT last-modified Tue, 04 Apr 2017 10:29:45 GMT server nginx etag "58e37599-180" content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 384 expires Wed, 14 Jun 2023 13:29:57 GMT
GET H2	200	plusone.js Show response apis.google.com/js/	52 KB 20 KB	286ms 201ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a26a3fa87026939bbff4edb12aeeb5ccdaf171ba63692b480aad2929dd22d4e5 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20319 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" date Tue, 14 Jun 2022 13:29:57 GMT vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 etag "0157f3abbc4abd26" accept-ranges bytes timing-allow-origin * expires Tue, 14 Jun 2022 13:29:57 GMT
GET H2	200	facebook.png myadvancecare.advancecare.com/pub/images/social_icons/16x16/	2 KB 2 KB	52ms 51ms	Image image/png	94.46.251.252 MGONCALVES
General Check archive.org Show headers Download Go to Show image Full URL https://myadvancecare.advancecare.com/pub/images/social_icons/16x16/facebook.png Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.46.251.252 Matosinhos Municipality, Portugal, ASN41962 (MGONCALVES, PT), Reverse DNS serv22.1-hostingservice.com Software nginx / Resource Hash 5dc26c2fd97a4f4867b5ff865e7ab64e88b5d2ea72bc8983a9cbce1347ced34e Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 13:29:57 GMT last-modified Tue, 04 Apr 2017 10:29:45 GMT server nginx etag "58e37599-685" content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 1669 expires Wed, 14 Jun 2023 13:29:57 GMT
GET H2	200	twitter.png myadvancecare.advancecare.com/pub/images/social_icons/16x16/	2 KB 2 KB	52ms 51ms	Image image/png	94.46.251.252 MGONCALVES
General Check archive.org Show headers Download Go to Show image Full URL https://myadvancecare.advancecare.com/pub/images/social_icons/16x16/twitter.png Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.46.251.252 Matosinhos Municipality, Portugal, ASN41962 (MGONCALVES, PT), Reverse DNS serv22.1-hostingservice.com Software nginx / Resource Hash 990e0ccb0d37cc422fa29a0b32306dc26631ca42ac93a39d9150b432a9922549 Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 13:29:57 GMT last-modified Tue, 04 Apr 2017 10:29:45 GMT server nginx etag "58e37599-69a" content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 1690 expires Wed, 14 Jun 2023 13:29:57 GMT
GET H2	200	linkedin.png myadvancecare.advancecare.com/pub/images/social_icons/16x16/	2 KB 2 KB	52ms 51ms	Image image/png	94.46.251.252 MGONCALVES
General Check archive.org Show headers Download Go to Show image Full URL https://myadvancecare.advancecare.com/pub/images/social_icons/16x16/linkedin.png Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.46.251.252 Matosinhos Municipality, Portugal, ASN41962 (MGONCALVES, PT), Reverse DNS serv22.1-hostingservice.com Software nginx / Resource Hash 619f3c8536837023d5122fb37657e4ba9784dbee1ec1addb857bc52b4aeb8c66 Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 13:29:57 GMT last-modified Tue, 04 Apr 2017 10:29:45 GMT server nginx etag "58e37599-690" content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 1680 expires Wed, 14 Jun 2023 13:29:57 GMT
GET H2	200	whatsapp.png myadvancecare.advancecare.com/pub/images/social_icons/16x16/	742 B 810 B	100ms 99ms	Image image/png	94.46.251.252 MGONCALVES
General Check archive.org Show headers Download Go to Show image Full URL https://myadvancecare.advancecare.com/pub/images/social_icons/16x16/whatsapp.png Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.46.251.252 Matosinhos Municipality, Portugal, ASN41962 (MGONCALVES, PT), Reverse DNS serv22.1-hostingservice.com Software nginx / Resource Hash 896990a64f9ba808e9259cd1fa90eef771972555a58ea993a158bf836d8ba3d9 Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 13:29:57 GMT last-modified Mon, 21 Jun 2021 13:46:16 GMT server nginx etag "60d09828-2e6" content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 742 expires Wed, 14 Jun 2023 13:29:57 GMT
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	23ms 7ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6c829485580ee57f6fd4048027f07e7e94748922c5d806f9b8cc07756380dfa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 8IFP2vIdCkhSpvPfnT2fKA== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Tue, 14 Jun 2022 13:46:44 GMT alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1686 x-fb-rlafr 0 x-fb-debug 7OeaMUHTl+qx7Pu1yIARc3/XJkCdEOxIr+pbddfkAwimWa0fV6LKNLl4QTn08jHEy1AVjCC9+7Eygkyk8a4bgA== x-fb-trip-id 686109401 x-fb-content-md5 47f9b71600ab663ebfea027d6f33735b cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 14 Jun 2022 13:29:57 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "c7cda736dc225b987640297d42bbf844" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H3	200	all.js Show response connect.facebook.net/en_US/	295 KB 84 KB	16ms 8ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=5def40ca6023975cdd19591737eeb1cd Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 982c0f6e855bf13a685e9f153752767adf89a9030672632985b83870dbeb3213 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://myadvancecare.advancecare.com/ Origin https://myadvancecare.advancecare.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 AEVkbsdwnmTy5QbEuWHeuw== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Wed, 14 Jun 2023 12:04:45 GMT alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 85754 x-fb-rlafr 0 x-fb-debug DiOzCVFOrmxgyaQvCIg5osNtT5NZfiTlLevpFSEpYxZ1nW+5vdJJN8HXx/GYPOPZPPlzAdiCOREJRjJfqVLKbA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 8e1192c9f276868cb06592711f47b209 cross-origin-opener-policy same-origin-allow-popups date Tue, 14 Jun 2022 13:29:57 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "c53ec57d553634ab2d971f2a6af335b7" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H3	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/	149 KB 51 KB	125ms 44ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/cb=gapi.loaded_0?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fab648e70b48e9f17f8e30f58f4cad5a08c132d00e9d12cb97f7674e839b6d4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 09 Jun 2022 09:05:58 GMT content-encoding gzip x-content-type-options nosniff age 447839 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52088 x-xss-protection 0 last-modified Sat, 30 Apr 2022 15:21:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 09 Jun 2023 09:05:58 GMT
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame F2C2	49 KB 18 KB	78ms 63ms	Document text/html	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3193629b8f2934%26domain%3Dmyadvancecare.advancecare.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmyadvancecare.advancecare.com%252Ff2091bc5a59e34c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fmyadvancecare.advancecare.com%2F%2Fvl%2F8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f&locale=en_US&sdk=joey&send=false&show_faces=false&width=450 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=5def40ca6023975cdd19591737eeb1cd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b2132b6f53d7c1532dda6d412f6e763e51ecbc9c5274b83d40099dc97bfc1621 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://myadvancecare.advancecare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Tue, 14 Jun 2022 13:29:57 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug OjPFLLh7Spb9uHJsV372fd8yWbvAN6vrYB+aBW4AnLQ19t2+7UuEQ3VRV5gCYLlBjI6myweYwIcnmQFo1xSx3A== x-fb-rlafr 0 x-xss-protection 0
GET H3	200	cb=gapi.loaded_1 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/	98 KB 34 KB	93ms 41ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/cb=gapi.loaded_1?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash da9d8ce00e07630c93251fe523618c7924140c6babf5af66409a30a47e7143e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://myadvancecare.advancecare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 09 Jun 2022 09:05:58 GMT content-encoding gzip x-content-type-options nosniff age 447839 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34629 x-xss-protection 0 last-modified Sat, 30 Apr 2022 15:21:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 09 Jun 2023 09:05:58 GMT
GET		fastbutton apis.google.com/u/0/se/0/_/+1/ Frame 3852	0 0
GET H2	200	OqOE21UvWe3.png static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame F2C2	400 B 623 B	7ms 7ms	Image image/png	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3193629b8f2934%26domain%3Dmyadvancecare.advancecare.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmyadvancecare.advancecare.com%252Ff2091bc5a59e34c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fmyadvancecare.advancecare.com%2F%2Fvl%2F8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f&locale=en_US&sdk=joey&send=false&show_faces=false&width=450 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 13:29:57 GMT x-content-type-options nosniff content-md5 uF0RL4E+h23ClLQmPOTTMw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 400 x-fb-rlafr 0 x-fb-debug Hly4r1ZdP4xg/VMC/ECIrzs3buZQbz0UwOlHuOwOas9y83tx3UzQ6JdeKM/Ep+RRJgy1tEAE4Da8hJn0pdODiA== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Thu, 08 Jun 2023 05:33:03 GMT
GET H2	200	gRQIe5udswZ.js Show response static.xx.fbcdn.net/rsrc.php/v3iEpO4/yf/l/en_US/ Frame F2C2	526 KB 137 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yf/l/en_US/gRQIe5udswZ.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3193629b8f2934%26domain%3Dmyadvancecare.advancecare.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmyadvancecare.advancecare.com%252Ff2091bc5a59e34c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fmyadvancecare.advancecare.com%2F%2Fvl%2F8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f&locale=en_US&sdk=joey&send=false&show_faces=false&width=450 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 307983dcb48f5280f17df915b7ead64dbfd75a8a3b8446a44dbd53bfce1c472f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 13:29:57 GMT content-encoding br x-content-type-options nosniff content-md5 uxqPQOYLwYFWTUyH830V1g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 140098 x-fb-rlafr 0 x-fb-debug dpRbighDc91Bf0HeLZ/C4305KRLDVM1ui5+Ez/dMid8AY29HMDdjhDGjbDJnV1oLCISsBFmovN1TgdgP86D26w== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Wed, 14 Jun 2023 02:18:48 GMT
GET H2	200	postmessageRelay Show response accounts.google.com/o/oauth2/ Frame 6810	564 B 902 B	147ms 50ms	Document text/html	2a00:1450:4001:831::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmyadvancecare.advancecare.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.DslNQi6QjWY.O%2Fd%3D1%2Frs%3DAHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA%2Fm%3D__features__ Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/cb=gapi.loaded_1?le=scs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5ba0792aaa92474beda29e2c45a621c079536e2763d366527bd7388ccd594c34 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-qR2a0APNH1avxzBoKd8kKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://myadvancecare.advancecare.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-qR2a0APNH1avxzBoKd8kKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport content-type text/html; charset=utf-8 date Tue, 14 Jun 2022 13:29:57 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache server ESF x-content-type-options nosniff x-xss-protection 0
POST H3	204	cspreport accounts.google.com/o/ Frame 6810	0 20 B	134ms 50ms	Other text/html	2a00:1450:4001:831::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/cspreport Requested by Host: myadvancecare.advancecare.com URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2IjMY87LRiiKeqtwXaFUIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmyadvancecare.advancecare.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.DslNQi6QjWY.O%2Fd%3D1%2Frs%3DAHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA%2Fm%3D__features__ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Tue, 14 Jun 2022 13:29:58 GMT x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-2IjMY87LRiiKeqtwXaFUIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	23066399-postmessagerelay.js Show response ssl.gstatic.com/accounts/o/ Frame 6810	10 KB 5 KB	124ms 39ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/23066399-postmessagerelay.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmyadvancecare.advancecare.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.DslNQi6QjWY.O%2Fd%3D1%2Frs%3DAHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA%2Fm%3D__features__ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 57dbe899a2b5c804f6e667838d56d9467d692e449dce19c7f9e48e84776c0ccd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Mon, 13 Jun 2022 20:13:03 GMT content-encoding gzip x-content-type-options nosniff age 62215 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4281 x-xss-protection 0 last-modified Tue, 07 Jun 2022 00:10:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="federated-signon-mpm-access" vary Accept-Encoding report-to {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 13 Jun 2023 20:13:03 GMT
GET H3	200	rpc:shindig_random.js Show response apis.google.com/js/ Frame 6810	14 KB 5 KB	48ms 47ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/rpc:shindig_random.js?onload=init Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmyadvancecare.advancecare.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.DslNQi6QjWY.O%2Fd%3D1%2Frs%3DAHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA%2Fm%3D__features__ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2de1fd6fca29889da3a1cdab6720d42dd91066a40ae67437e477c7a01d567f18 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5528 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" date Tue, 14 Jun 2022 13:29:57 GMT vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 etag "8d8e8363fb5da59a" accept-ranges bytes timing-allow-origin * expires Tue, 14 Jun 2022 13:29:57 GMT
GET H3	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/ Frame 6810	54 KB 19 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/cb=gapi.loaded_0?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56b07565b3a0c07885564f4beb0c32f24cc228bbbd30690bdbd6e833c096fbdd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 09 Jun 2022 09:06:00 GMT content-encoding gzip x-content-type-options nosniff age 447838 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19129 x-xss-protection 0 last-modified Sat, 30 Apr 2022 15:21:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 09 Jun 2023 09:06:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

apis.google.com

URL

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&recommendations=false&origin=https%3A%2F%2Fmyadvancecare.advancecare.com&url=https%3A%2F%2Fmyadvancecare.advancecare.com%2F%2Fvl%2F8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.DslNQi6QjWY.O%2Fd%3D1%2Frs%3DAHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA%2Fm%3D__features__

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery function| showShareBar function| makeMeResponsible function| fbAsyncInit function| update_fb_like_count function| update_fb_share_count function| updateShareCount function| updateLikeCount function| updateGooglePlusCount number| popupStatus number| popupStatus2 function| loadPopup function| loadPopup2 function| disablePopup function| disablePopup2 function| centerPopup function| centerPopup2 function| fbShare function| google_plus_share object| FB object| gapi object| ___jsl function| google_plus_callback function| renderPlusone object| jQuery172006473682875830411 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			myadvancecare.advancecare.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6kt42flc3mmj5v5etisos4tbo4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f(Line 160) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security	error	URL: https://apis.google.com/js/plusone.js(Line 61) Message: Mixed Content: The page at 'https://myadvancecare.advancecare.com/vl/8759-147e265adb692dfa4c92f23981c74d56f04fereMKRCe69Xse20-ac-057f' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1655213397633&_gfid=I0_1655213397633&parent=https%3A%2F%2Fmyadvancecare.advancecare.com&pfname=&rpctoken=53156638'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
advancecare.pt
apis.google.com
code.jquery.com
connect.facebook.net
mudareganhar.pt
myadvancecare.advancecare.com
ssl.gstatic.com
static.xx.fbcdn.net
www.advancecare.pt
www.facebook.com
apis.google.com
13.107.246.67
13.74.9.47
2001:4de0:ac18::1:a:2a
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
94.46.251.252
1717ea1fde8ceb7584341a24efc85c853083c660a1185968fbf94520f7193de2
2de1fd6fca29889da3a1cdab6720d42dd91066a40ae67437e477c7a01d567f18
307983dcb48f5280f17df915b7ead64dbfd75a8a3b8446a44dbd53bfce1c472f
359f5cdce0d843d6472ab1bc7d1fe8f7258e6d5b0fd9866825e5725cb2ec1165
5202a025c447a9ac30f8d1dfcb345f427838971b8d3c846c9f74a648f61282ef
56b07565b3a0c07885564f4beb0c32f24cc228bbbd30690bdbd6e833c096fbdd
57dbe899a2b5c804f6e667838d56d9467d692e449dce19c7f9e48e84776c0ccd
5ba0792aaa92474beda29e2c45a621c079536e2763d366527bd7388ccd594c34
5dc26c2fd97a4f4867b5ff865e7ab64e88b5d2ea72bc8983a9cbce1347ced34e
619f3c8536837023d5122fb37657e4ba9784dbee1ec1addb857bc52b4aeb8c66
6c829485580ee57f6fd4048027f07e7e94748922c5d806f9b8cc07756380dfa4
6de7179921b4a79025c02dca78125df7682db22c6954550ecc564c1be43c6c23
896990a64f9ba808e9259cd1fa90eef771972555a58ea993a158bf836d8ba3d9
982c0f6e855bf13a685e9f153752767adf89a9030672632985b83870dbeb3213
990e0ccb0d37cc422fa29a0b32306dc26631ca42ac93a39d9150b432a9922549
a26a3fa87026939bbff4edb12aeeb5ccdaf171ba63692b480aad2929dd22d4e5
b2132b6f53d7c1532dda6d412f6e763e51ecbc9c5274b83d40099dc97bfc1621
c63569b9a7ce089be731a51d3e1f74991ddfd1171bfa4b5409588790abcfe04f
da9d8ce00e07630c93251fe523618c7924140c6babf5af66409a30a47e7143e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef2de29b6dae6b7dceb5db2ff1bba4b0fe745da6bd24ba41ade4630a0459afdd
fab648e70b48e9f17f8e30f58f4cad5a08c132d00e9d12cb97f7674e839b6d4d