urlscan.io logo urlscan.io
SecurityTrails logo

telefonica.treetools.com.br Open in urlscan Pro
20.226.31.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://telefonica.treetools.com.br/
Effective URL: https://telefonica.treetools.com.br/sb3/
Submission: On December 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 20.226.31.107, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is telefonica.treetools.com.br.
TLS certificate: Issued by Thawte RSA CA 2018 on May 20th 2022. Valid for: a year.
This is the only time telefonica.treetools.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 20.226.31.107 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
23 3
Apex Domain
Subdomains		 Transfer
16 treetools.com.br
telefonica.treetools.com.br
410 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
1 KB
0 gstatic.com Failed
fonts.gstatic.com Failed
23 3
Domain Requested by
16 telefonica.treetools.com.br 2 redirects telefonica.treetools.com.br
1 fonts.googleapis.com telefonica.treetools.com.br
0 fonts.gstatic.com Failed fonts.googleapis.com
23 3

This site contains no links.

Subject Issuer Validity Valid
*.treetools.com.br
Thawte RSA CA 2018		 2022-05-20 -
2023-05-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://telefonica.treetools.com.br/sb3/
Frame ID: DAEE6FB8D6A9339888CF68F52361A9D7
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Servicebot-3

Page URL History Show full URLs

  1. http://telefonica.treetools.com.br/ HTTP 301
    https://telefonica.treetools.com.br/ HTTP 302
    https://telefonica.treetools.com.br/sb3/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • zkau/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

23
Requests

65 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

411 kB
Transfer

1984 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://telefonica.treetools.com.br/ HTTP 301
    https://telefonica.treetools.com.br/ HTTP 302
    https://telefonica.treetools.com.br/sb3/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
telefonica.treetools.com.br/sb3/
Redirect Chain
  • http://telefonica.treetools.com.br/
  • https://telefonica.treetools.com.br/
  • https://telefonica.treetools.com.br/sb3/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b889a6029c19129004cb9216bb1c6518ac83f68fedab150523b0e92680e68145
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=2, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Length
1115
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Content-Type
text/html;charset=UTF-8
Date
Thu, 29 Dec 2022 12:48:34 GMT
Expires
-1
Keep-Alive
timeout=5, max=99
Permissions-Policy
magnetometer=(self),gyroscope=()
Pragma
no-cache
Referrer-Policy
origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1;mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
224
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 29 Dec 2022 12:48:33 GMT
Keep-Alive
timeout=5, max=100
Location
https://telefonica.treetools.com.br/sb3/
Permissions-Policy
magnetometer=(self),gyroscope=()
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
zk.wpd
telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/ 		2 MB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b37a37c7eaa38055241f78b29a8d8d23997b5f198e5026712003eafc9c02759d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
225538
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:34 GMT
Server
Apache
Content-Language
en-US
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=98
Expires
Fri, 29 Dec 2023 12:48:34 GMT
zul.lang.wpd
telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zul.lang.wpd
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
8eaa545f09a555673cd8386d079dd9ea8eeca50aa0be6ac5f21bf2c56eb1c167
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Referrer-Policy
origin
Content-Language
en-US
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1606
X-XSS-Protection
1;mode=block
zkbind.wpd
telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zkbind.wpd
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
854f5acb0e8b1805b29669d36f37847472be8525ad20dec3522fd1ca30083352
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
1498
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:34 GMT
Server
Apache
Content-Language
en-US
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=100
Expires
Fri, 29 Dec 2023 12:48:35 GMT
zuljsp.js
telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/ 		581 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zuljsp.js
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
6c1027663b99a47d19cfa242ce17a190aa37336b0b1b1a6b10bb980dbb6da8fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
302
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:35 GMT
Server
Apache
Content-Language
en-US
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=100
Expires
Fri, 29 Dec 2023 08:00:11 GMT
zk.wcs
telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/_zkiju-cerulean/zul/css/ 		198 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/_zkiju-cerulean/zul/css/zk.wcs
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
ec0fb5a1ae42d45014c8d78676925232167b3859c243155ec48bbb881f0af186
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
32799
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:34 GMT
Server
Apache
Content-Language
en-US
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=100
Expires
Fri, 29 Dec 2023 12:48:35 GMT
font-style.css
telefonica.treetools.com.br/sb3/css/ 		852 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/css/font-style.css
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
386d2ac920e64343f5c6988218925a94408a574db280f4da1b153fcab7f40ede
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
852
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Wed, 11 May 2022 19:39:00 GMT
Server
Apache
ETag
W/"852-1652297940000"
Content-Type
text/css
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Dec 2022 12:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 11:40:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Dec 2022 12:48:35 GMT
servicebot3js.js
telefonica.treetools.com.br/sb3/js/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/js/servicebot3js.js
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
88bee67a1bec92c8cb53b79bb1ff6a50df965aabe657b0f0831452f26990be59
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
8249
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Wed, 11 May 2022 19:40:16 GMT
Server
Apache
ETag
W/"8249-1652298016000"
Content-Type
application/javascript
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
zul.layout.wpd
telefonica.treetools.com.br/sb3/zkau/web/_zv2022052716/js/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/_zv2022052716/js/zul.layout.wpd
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
ff9d622d3252b05a125c7d6c8542d78887b6a703b3c1a3bec1f1132c482cd544
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
7861
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:34 GMT
Server
Apache
Content-Language
en-US
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=99
Expires
Fri, 29 Dec 2023 12:48:36 GMT
zul.box.wpd
telefonica.treetools.com.br/sb3/zkau/web/_zv2022052716/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/_zv2022052716/js/zul.box.wpd
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
8f5ad6505a93d944c2c2e20f5949ddeb8547ed097afb9aa1a0b3c4233db76ed8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
8884
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:34 GMT
Server
Apache
Content-Language
en-US
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=98
Expires
Fri, 29 Dec 2023 12:48:36 GMT
zul.utl.wpd
telefonica.treetools.com.br/sb3/zkau/web/_zv2022052716/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/_zv2022052716/js/zul.utl.wpd
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e5474e76ed526145f4018d8abfde58f43de625b2f78fee2c08b24d0b12718eb7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
1546
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:34 GMT
Server
Apache
Content-Language
en-US
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=97
Expires
Fri, 29 Dec 2023 12:48:36 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4taVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 		0
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 		0
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4saVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 		0
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 		0
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 		0
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 		0
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 		0
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		0
0
progress.gif
telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/cerulean/zul/img/misc/ 		954 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/cerulean/zul/img/misc/progress.gif
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/_zkiju-cerulean/zul/css/zk.wcs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
cb6eda58f30c21336946d5af060056a582b2a2cf2251371a25f52fc1ab915be7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
954
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:35 GMT
Server
Apache
Content-Language
en-US
Content-Type
image/gif;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=98
Expires
Fri, 29 Dec 2023 08:00:11 GMT
fontawesome-webfont.woff
telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/zul/less/font/ 		96 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/zul/less/font/fontawesome-webfont.woff?v=4.0.1
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/_zkiju-cerulean/zul/css/zk.wcs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
51017e70a9b08aa5631d86786dd0cb6470af63afc4183d9fe26765d7e993788a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://telefonica.treetools.com.br/
Origin
https://telefonica.treetools.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
98024
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Thu, 29 Dec 2022 12:48:35 GMT
Server
Apache
Content-Language
en-US
Content-Type
;charset=UTF-8;charset=UTF-8
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Keep-Alive
timeout=5, max=97
Expires
Fri, 29 Dec 2023 08:00:11 GMT
logo_entrada_03.png
telefonica.treetools.com.br/sb3/images/ 		9 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telefonica.treetools.com.br/sb3/images/logo_entrada_03.png
Requested by
Host: telefonica.treetools.com.br
URL: https://telefonica.treetools.com.br/sb3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.226.31.107 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
ddb782845a9a2c388679bc1b59c3d7c19cba4c5acbf1f3d1346903691dd2b8eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://telefonica.treetools.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:48:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Connection
Keep-Alive
Content-Length
9638
X-XSS-Protection
1;mode=block
Referrer-Policy
origin
Last-Modified
Wed, 11 May 2022 19:40:12 GMT
Server
Apache
ETag
W/"9638-1652298012000"
Content-Type
image/png
Cache-Control
max-age=2, private
Permissions-Policy
magnetometer=(self),gyroscope=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4taVIGxA.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4saVIGxA.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVIGxA.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| $jscomp object| Dates object| tzdata function| zkopt function| zkpi function| zkpb function| zkver function| zkmld function| zkamn function| onIframeURLChange function| DateImpl function| parseTzId function| $eval boolean| zkInitCrashTimer function| $ function| jQuery function| jq function| zk object| matched function| _zkf function| zjq object| zWatch function| zkf object| zUtl function| zkreg object| zkservice function| zkpe function| zkdt function| zkx function| zkx_ function| zkac function| zkmx function| zkmb function| zkme function| zkdh object| zAu object| zFlex object| zkmax object| zWs object| zul object| msgzk object| msgzul function| a$mold$ function| cell$mold$ function| div$mold$ function| span$mold$ function| idspace$mold$ function| include$mold$ function| label$mold$ function| button$mold$ function| separator$mold$ function| space$mold$ function| caption$mold$ function| checkbox$mold$ function| groupbox$mold$ function| html$mold$ function| popup$mold$ function| radio$mold$ function| radiogroup$mold$ function| toolbarpanel$mold$ function| toolbar$mold$ function| toolbarbutton$mold$ function| image$mold$ function| imagemap$mold$ function| area$mold$ function| progressmeter$mold$ function| combobutton$mold$ function| selectbox$mold$ function| rating$mold$ object| zkbind undefined| oldRedraw object| size string| openWindow string| popUpBlockMsg function| setMsg function| openNewWindow function| closeWin function| openWindowHelp function| openNewWindowDashboard function| getWindowSize function| openWindowRightSizeScreen function| openWindowCallScreen function| openWindowCallSimplifiedScreen function| popupCenter function| openWindowCaseScreen undefined| popup function| openWindowCaseScreenEdit function| openWindowSecPerson function| openWindowRightSizeScreenCall function| openScreenType object| winChat function| openScreenChat object| jQuery1102016675508940718586 function| style$mold$ function| iframe$mold$ function| hbox$mold$ function| vbox$mold$ function| splitter$mold$ function| layout$mold$ function| borderlayout$mold$ function| layoutregion$mold$ function| absolutelayout$mold$ function| absolutechildren$mold$ function| anchorlayout$mold$ function| anchorchildren$mold$ undefined| title

1 Cookies

Domain/Path Name / Value
telefonica.treetools.com.br/sb3 Name: JSESSIONID
Value: B19D819EDCB832E92DF06731029B5142

8 Console Messages

Source Level URL
Text
security error URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd(Line 104)
Message:
Refused to load the font 'https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4taVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self' 'unsafe-eval' blob: data:".
security error URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd(Line 104)
Message:
Refused to load the font 'https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self' 'unsafe-eval' blob: data:".
security error URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd(Line 104)
Message:
Refused to load the font 'https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4saVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self' 'unsafe-eval' blob: data:".
security error URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd(Line 104)
Message:
Refused to load the font 'https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self' 'unsafe-eval' blob: data:".
security error URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd(Line 104)
Message:
Refused to load the font 'https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self' 'unsafe-eval' blob: data:".
security error URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd(Line 104)
Message:
Refused to load the font 'https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self' 'unsafe-eval' blob: data:".
security error URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd(Line 104)
Message:
Refused to load the font 'https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2' because it violates the following Content Security Policy directive: "font-src 'self' 'unsafe-eval' blob: data:".
security error URL: https://telefonica.treetools.com.br/sb3/zkau/web/cf3277bf/js/zk.wpd(Line 104)
Message:
Refused to load the font 'https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2' because it violates the following Content Security Policy directive: "font-src 'self' 'unsafe-eval' blob: data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://pda.tlfbpo.com.br https://cedro.treetools.com.br ; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: mediastream: blob: mailto: filesystem: * https://login.microsoftonline.com/ ; script-src 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: blob: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * *.googleapis.com; font-src 'self' 'unsafe-eval' blob: data: ; media-src 'self' data: ; connect-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https://login.microsoftonline.com/ ; object-src 'self' data: ; base-uri 'self' 'unsafe-eval' 'unsafe-inline' blob: data: *; form-action 'self' https://login.microsoftonline.com/ ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' data: mediastream: blob: mailto: filesystem: * chat.zul ; child-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * ; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block