Submitted URL: http://oferta.proteste.org.br/
Effective URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Submission: On March 29 via api from DE

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 35 HTTP transactions. The main IP is 2606:4700::6812:b615, located in United States and belongs to CLOUDFLARENET, US. The main domain is oferta.proteste.org.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.
This is the only time oferta.proteste.org.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 26 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.111.9.35 33438 (HIGHWINDS2)
2 13.226.159.100 16509 (AMAZON-02)
2 170.82.174.10 266444 (3L CLOUD ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.159.18 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
35 9
Domain Requested by
26 oferta.proteste.org.br 2 redirects oferta.proteste.org.br
2 d3syt8dxf5vnwf.cloudfront.net oferta.proteste.org.br
2 www.google-analytics.com oferta.proteste.org.br
www.google-analytics.com
2 img.selecoesbrasil.com.br oferta.proteste.org.br
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com oferta.proteste.org.br
1 use.fontawesome.com oferta.proteste.org.br
35 9

This site contains no links.

Subject | Issuer | Validity | Valid
proteste.org.br | Cloudflare Inc ECC CA-3 | 2020-07-04 - 2021-07-04 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year
img.selecoesbrasil.com.br | R3 | 2021-01-24 - 2021-04-24 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2021-02-22 - 2022-02-21 | a year
*.google.com | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months

This page contains 2 frames:

Primary Page: https://oferta.proteste.org.br/2019/EdmBeneficios
Frame ID: F87C7A452865C6E5B399D19A79D75E08
Requests: 34 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: ECBFC39411844FC0AAB1CD70B5F26FEA
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

35 Requests
100 % HTTPS
56 % IPv6
7 Domains
9 Subdomains
9 IPs
4 Countries
1911 kB Transfer
2604 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oferta.proteste.org.br/ HTTP 301
    https://oferta.proteste.org.br/ HTTP 302
    https://oferta.proteste.org.br/2019/EdmBeneficios Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request EdmBeneficios
oferta.proteste.org.br/2019/
Redirect Chain
  • http://oferta.proteste.org.br/
  • https://oferta.proteste.org.br/
  • https://oferta.proteste.org.br/2019/EdmBeneficios
28 KB
8 KB
Document
General
Full URL
https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8c13c5ea4bc2683d7b9960d3ae61052c25921e085d2dd2797ea40e94e3d155f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
oferta.proteste.org.br
:scheme
https
:path
/2019/EdmBeneficios
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d39883e23c691d746d4c8e0a61987d57a1617013055; ASP.NET_SessionId=rfctmkn4qtd2urtd0mxvgp43; ARRAffinity_Promo=78447399b36f7c70dcf75ca85f83fa10077d17171d93cd85b7e674b4fba21ef9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
upgrade-insecure-requests;
cf-cache-status
DYNAMIC
cf-request-id
091f1637220000062dbc096000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6378596b6a45062d-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 29 Mar 2021 10:17:35 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d39883e23c691d746d4c8e0a61987d57a1617013055; expires=Wed, 28-Apr-21 10:17:35 GMT; path=/; domain=.proteste.org.br; HttpOnly; SameSite=Lax; Secure ASP.NET_SessionId=rfctmkn4qtd2urtd0mxvgp43; path=/; HttpOnly; Secure ARRAffinity_Promo=78447399b36f7c70dcf75ca85f83fa10077d17171d93cd85b7e674b4fba21ef9;Path=/;Domain=oferta.proteste.org.br; Secure
cache-control
private
location
/2019/EdmBeneficios
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
upgrade-insecure-requests;
cf-cache-status
DYNAMIC
cf-request-id
091f1636980000062dfe388000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6378596a8910062d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
edmBeneficios
oferta.proteste.org.br/styles/2019/
178 KB
25 KB
Stylesheet
General
Full URL
https://oferta.proteste.org.br/styles/2019/edmBeneficios?v=TWcM_Rtr7Htvr7f0d2vQPrdTLKDwAXKS1he1ODOWiIw1
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d518dc3bec530f7107eb5749c30a8486c4b54a88d964b474c9a3824a096ef4cd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
091f1637a30000062dfd8e0000000001
last-modified
Mon, 29 Mar 2021 10:17:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
text/css; charset=utf-8
vary
User-Agent,Accept-Encoding
cache-control
public
content-security-policy
upgrade-insecure-requests;
cf-ray
6378596c3b96062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
functionsOC.js
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Scripts/
21 KB
4 KB
Script
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Scripts/functionsOC.js
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
53a09582053dd17e4452f8b76efed491083b520e187343ed5d6db9200c6a085b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
091f1637a10000062db614d000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
W/"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
cf-ray
6378596c3b97062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin
https://oferta.proteste.org.br
Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
SMARTWATCH_roxo_rosa_201711_logo.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
3 KB
3 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/SMARTWATCH_roxo_rosa_201711_logo.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
904d1ce31da704f81832e65663033ce5634eb406c1c0fe22a56ea0ebc8b8bd49
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3448
cf-request-id
091f16383f0000062d28292000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d48062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
pessoas_felizes2.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
732 KB
733 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/pessoas_felizes2.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2e4488c28d1ae50b62c6bd064cfa1b8a2990034968a1fcde780fcb3fe83be1e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
749963
cf-request-id
091f16383f0000062df5b7b000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d4a062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_fundo_verde_topo.jpg
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
41 KB
41 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_fundo_verde_topo.jpg
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e9f94e5ae18dbe5af1f2ae231cdf68bed9acba893a773cacad7bf05eb3b87d8e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41594
cf-request-id
091f16383f0000062d1bb1f000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d4c062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201801_beneficios_icone_1.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
2 KB
2 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201801_beneficios_icone_1.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f2f989ae8cb0935b9d928ffd140e67806022c38db398000e41075b3b9d143419
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2443
cf-request-id
091f16383f0000062db0221000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d4d062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201801_beneficios_icone_2.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
4 KB
4 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201801_beneficios_icone_2.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
80d9c120287bf8f91fdfc4401114dbfc29d2feec8d4ad7e5a62ce6cc173e266f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3670
cf-request-id
091f1638400000062d1998c000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d50062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201801_beneficios_icone_3.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
3 KB
3 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201801_beneficios_icone_3.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
17d2bc9f28786fa0ba3b91daa9e62386cd053da1c958d219e69e1bcb5f617ffb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2709
cf-request-id
091f1638400000062d1aaf2000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d52062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201801_beneficios_icone_4.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
3 KB
3 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201801_beneficios_icone_4.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e351f00537232d842d23c0be22b98d547db64ff3bee7e93cf9b9140018c2097f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2987
cf-request-id
091f1638410000062dbd2e6000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d54062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201801_beneficios_icone_5.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
3 KB
3 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201801_beneficios_icone_5.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3faa91b5b775f58ff941b8ebbe47a982d4c6481de5d879770ae09dbae123a54d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2860
cf-request-id
091f1638400000062db6156000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d55062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_features_cartao2.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
247 KB
247 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_features_cartao2.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5c521abab9d2b33041aea7a20a9939c52c6b97abaf0317e388c2e99a13be74df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
252720
cf-request-id
091f1638400000062ded1e8000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d56062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_icone_vidaclass_1.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
1 KB
2 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_icone_vidaclass_1.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fbd2b7bab377fc97d496b601ed91913e2dc73e21102dc97770423b30bc0b4d89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1421
cf-request-id
091f1638400000062de481c000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d57062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_icone_vidaclass_2.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
1 KB
2 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_icone_vidaclass_2.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a7e92c7170325db30cf115ec411729bdf8c054d22a91be2d3b9b72cd257ab85a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1461
cf-request-id
091f1638410000062dfb0ec000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d58062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_icone_vidaclass_3.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
2 KB
3 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_icone_vidaclass_3.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0b988b7277cec58dd8b9af1b1ae4c03294d652d88df46510dc7e678b6021122f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2543
cf-request-id
091f1638410000062dfd8ea000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d59062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_check.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
539 B
631 B
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_check.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ba54cbbd5dce710a82c4372a8d8c1f4cc3ad417feeb5ba530859ae9d772f701e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
539
cf-request-id
091f1638450000062dbd2e7000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d5a062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_revistas_proteste.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
294 KB
294 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_revistas_proteste.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
364331862f15634156a14528b199339ea59fb24601eab9e7d171dcc1d37b2700
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
300624
cf-request-id
091f1638410000062d0e280000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d5b062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_revistas_proteste_MOBILE.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
318 KB
318 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_revistas_proteste_MOBILE.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
93a5d4f3d7ceab732e8664bf6277a477357bb809563127368a81d18ed43bdcae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
325564
cf-request-id
091f1638410000062de00cd000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d5d062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_clube_beneficios_icone_1.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
3 KB
3 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_clube_beneficios_icone_1.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
15e4bdc562e07662c2385aef99d1d4bc3215494fdb5c3490ec48b30cdde682b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2645
cf-request-id
091f1638410000062d01bf9000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d5e062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_clube_beneficios_icone_2.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
3 KB
3 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_clube_beneficios_icone_2.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
df73640a9ff7a31656ca9739737dd07053cd081e9869f87464dfbadda4ed5b92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2653
cf-request-id
091f1638410000062df21c2000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d5f062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_clube_beneficios_icone_3.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
2 KB
2 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_clube_beneficios_icone_3.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c73ca191f5ad425f9394ebf22756f5f290418e81ab312b4b764fbc1b35d83037
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2415
cf-request-id
091f1638430000062dc6a61000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d6a062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_clube_beneficios_icone_4.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
2 KB
2 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_clube_beneficios_icone_4.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a2105789ce69dc2576ecd987aa42f756fe0f3e48f1bfd7c8411f96fae4ef668c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2295
cf-request-id
091f1638440000062d092b0000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d6b062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
EDM_BENEFICIOS_201807_farmacia.png
oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/
5 KB
5 KB
Image
General
Full URL
https://oferta.proteste.org.br/Assets/Y2019/EdmBeneficios/Images/EDM_BENEFICIOS_201807_farmacia.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eb0ce3f48db178abe50fe422a4a2fb55ef26bf2f343016f0e223733183632dfe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5105
cf-request-id
091f1638440000062dd5347000000001
last-modified
Thu, 04 Feb 2021 08:53:58 GMT
server
cloudflare
etag
"0d76346d3fad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6378596d3d6d062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
edmBeneficios
oferta.proteste.org.br/bundles/2019/
214 KB
66 KB
Script
General
Full URL
https://oferta.proteste.org.br/bundles/2019/edmBeneficios?v=HxU2cSxd7ZcjnqzFLIOONY1uPFg79A3uDjShu7Guzn41
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2285d3dfd9f4f277902c923205fb6ac306cc3b2e4978fefaf079ca155d8c4208
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/2019/EdmBeneficios
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
091f1638330000062dfd8e9000000001
last-modified
Mon, 29 Mar 2021 10:17:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
text/javascript; charset=utf-8
vary
User-Agent,Accept-Encoding
cache-control
public
content-security-policy
upgrade-insecure-requests;
cf-ray
6378596d1d2d062d-FRA
expires
Tue, 29 Mar 2022 10:17:35 GMT
hotjar-331989.js
static.hotjar.com/c/
139 KB
12 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-331989.js?sv=6
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-100.dus51.r.cloudfront.net
Software
/
Resource Hash
f862c3916c6c1ccab96f0657b855ca56201cde7efa7dc8fec85e09177aa801cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
55
etag
W/2aa05546f06a30a95e1baaacdb84995d
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
MuRkKpE9WmTNcokyFw63yfzJvh3ujk4nmUO_RM7sfW6SO7I9y5nkag==
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
EDM_BENEFICIOS_201807_imagem_mulher_mobile.png
img.selecoesbrasil.com.br/
13 KB
13 KB
Image
General
Full URL
https://img.selecoesbrasil.com.br/EDM_BENEFICIOS_201807_imagem_mulher_mobile.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/styles/2019/edmBeneficios?v=TWcM_Rtr7Htvr7f0d2vQPrdTLKDwAXKS1he1ODOWiIw1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache / ASP.NET
Resource Hash
9bb4e6c886053b1c58714d8cb77f4854a9e9da92c57d51d1511224c82189d48e

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:38 GMT
etag
"abe2f049d654d41:0"
last-modified
Tue, 25 Sep 2018 13:47:24 GMT
server
gocache
x-gocache-image
optimized
x-powered-by
ASP.NET
x-gocache-cachestatus
EXPIRED, EXPIRED
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
content-length
13278
expires
Mon, 29 Mar 2021 14:17:39 GMT
EDM_BENEFICIOS_201807_fundo_verde_final.png
img.selecoesbrasil.com.br/
7 KB
7 KB
Image
General
Full URL
https://img.selecoesbrasil.com.br/EDM_BENEFICIOS_201807_fundo_verde_final.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/styles/2019/edmBeneficios?v=TWcM_Rtr7Htvr7f0d2vQPrdTLKDwAXKS1he1ODOWiIw1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache / ASP.NET
Resource Hash
77c915c7132c2c5c02ec9bc2691d956e392c3ba01cbd90f5c5a61d17fd820e3d

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:17:36 GMT
etag
"e48ef299bf1ad41:0"
last-modified
Fri, 13 Jul 2018 15:38:52 GMT
server
gocache
x-gocache-image
optimized
x-powered-by
ASP.NET
x-gocache-cachestatus
MISS, EXPIRED
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
content-length
7342
expires
Mon, 29 Mar 2021 14:17:37 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
148
date
Mon, 29 Mar 2021 10:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 29 Mar 2021 12:15:07 GMT
modules.35981999a656a5a28309.js
script.hotjar.com/
217 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.35981999a656a5a28309.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-331989.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-18.dus51.r.cloudfront.net
Software
/
Resource Hash
be26dc83d31ea12211104016f94a8df96762c716ff80ef9859b5d87d5ef19ba4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Wed, 24 Mar 2021 12:55:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
422547
x-cache
Hit from cloudfront
content-length
58593
access-control-allow-origin
*
last-modified
Wed, 24 Mar 2021 12:55:01 GMT
etag
"feecc1308620f8e5b960a42433207f2e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Xvc7Q-ZnybefYwVHl2kAowAa_zHCNhT8gMz_Oxqe20MrP5009emVaA==
62_chatws_TRIGGER_whatsapp2_https.js
d3syt8dxf5vnwf.cloudfront.net/
10 KB
3 KB
Script
General
Full URL
https://d3syt8dxf5vnwf.cloudfront.net/62_chatws_TRIGGER_whatsapp2_https.js?_=1617013055766
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/bundles/2019/edmBeneficios?v=HxU2cSxd7ZcjnqzFLIOONY1uPFg79A3uDjShu7Guzn41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ba00:5:b326:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash
166355129d4e6bd6134d62b04f550d023a21ba43497161885ad9cb83cf9bf572

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:15:18 GMT
content-encoding
gzip
server
Apache/2.4.7 (Ubuntu)
x-amz-cf-pop
FRA56-C2
x-powered-by
PHP/5.5.9-1ubuntu4.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
content-length
2413
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-id
UoQgxwG5P9aEXgcZJ_7Xiy3QdrrOuvKpCITT_5ZQAhmaigxegWxKvw==
collect
www.google-analytics.com/j/
4 B
227 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=599999017&t=pageview&_s=1&dl=https%3A%2F%2Foferta.proteste.org.br%2F2019%2FEdmBeneficios&ul=en-us&de=UTF-8&dt=PROTESTE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=AES1903&cs=E2FT16&cm=SITE&_u=YEBAAEABAAAAAC~&jid=1858756416&gjid=1668189788&cid=1358199109.1617013056&tid=UA-31920540-51&_gid=1744306341.1617013056&_r=1&_slc=1&z=1478521127
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Mar 2021 10:17:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oferta.proteste.org.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
89 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-31920540-51&cid=1358199109.1617013056&jid=1858756416&gjid=1668189788&_gid=1744306341.1617013056&_u=YEBAAEAAAAAAAC~&z=1141278099
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 29 Mar 2021 10:17:35 GMT
content-type
text/plain
access-control-allow-origin
https://oferta.proteste.org.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-5e3cec51ed8e99df6977c199d27812d7.html
vars.hotjar.com/ Frame ECBF
1 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-331989.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-100.dus51.r.cloudfront.net
Software
/
Resource Hash
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-5e3cec51ed8e99df6977c199d27812d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://oferta.proteste.org.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer
https://oferta.proteste.org.br/

Response headers

content-type
text/html
content-length
684
date
Mon, 29 Mar 2021 09:29:07 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"4e332edbbc3b46800c87f197cc7d3bb6"
last-modified
Mon, 29 Mar 2021 09:29:02 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
AmluwPc9w4TF7kf53gycOu11teoi8PjZVpFW1Azw2bBzjfyo6FCFdw==
age
2908
62_trigger21.png
d3syt8dxf5vnwf.cloudfront.net/img/tv2/
6 KB
7 KB
Image
General
Full URL
https://d3syt8dxf5vnwf.cloudfront.net/img/tv2/62_trigger21.png
Requested by
Host: oferta.proteste.org.br
URL: https://oferta.proteste.org.br/2019/EdmBeneficios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ba00:5:b326:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
338bb1a17978f55202cea77cfcfa947666147db79d8ba8dadbb57f02f7c63627

Request headers

Referer
https://oferta.proteste.org.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:15:19 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jul 2017 18:27:09 GMT
server
Apache/2.4.7 (Ubuntu)
x-amz-cf-pop
FRA56-C2
etag
"197f-5549ba9d16a18"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
6527
x-amz-cf-id
g2hJ17SRjzmxZIkNTUpEljcLWHK3ph-_Pi545DlKGOoJ5uh0lr6ZCA==


64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| hj
object| _hjSettings
string| GoogleAnalyticsObject
function| ga
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| ui
function| $
function| jQuery
function| Inputmask
object| AOS
string| urlToRedirect
number| possuiUpselling
string| urlParaRedirecionamento
function| upselBtnSimClick
function| upselBtnNaoClick
function| preencheDadosUpselling
function| AdicionarMascaraDataDeNascimento
function| AdicionarNovaMascaraDataDeNascimento
function| AdicionarMascaraCpf
function| RespostaNao
function| AdicionarMascaraCep
function| RedirectTo
function| ResgatarCupom
function| ImpedirEscrita
function| CepEstaVazio
function| DataNascimentoIsValid
function| ExcluirCaracteresNaoNumericos
function| AdicionarMascaraTelefone
function| AdicionarMascaraCelular
function| VerificarBancoEMostrarDigitoAgencia
function| SelecionarBandeiraDoCartao
function| ativaDV
function| MostrarErros
function| PrimeiraPalavra
function| removerAcentos
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| createCookie
function| readCookie
string| BypassParameters
function| get_parametros
function| liga_chat
function| chatTrigger
function| hideChatTrigger
function| showChatTrigger
function| criaContainer
function| criaIframe
function| rtShow
function| rtHide
string| qs

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
