urlscan.io logo urlscan.io
SecurityTrails logo

cpf.pagoufacil.com.br Open in urlscan Pro
2606:4700:10::6816:1951  Public Scan

Go To Rescan Add Verdict Report
URL: https://cpf.pagoufacil.com.br/
Submission: On April 04 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2606:4700:10::6816:1951, located in United States and belongs to CLOUDFLARENET, US. The main domain is cpf.pagoufacil.com.br.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 5th 2021. Valid for: a year.
This is the only time cpf.pagoufacil.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 204.225.42.97 267346 (Paschoalo...)
1 65.9.66.34 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.86.7.44 16509 (AMAZON-02)
1 143.204.215.65 16509 (AMAZON-02)
2 54.76.183.110 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
44 13
19    2606:4700:10::6816:1951 (United States)

ASN13335 (CLOUDFLARENET, US)
cpf.pagoufacil.com.br
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    204.225.42.97 (Bauru, Brazil)

ASN267346 (Paschoalotto Servicos Financeiros, BR)
hubapigw.paschoalotto.com.br
1    65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    99.86.7.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-44.fra6.r.cloudfront.net
script.hotjar.com
1    143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net
vars.hotjar.com
2    54.76.183.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-183-110.eu-west-1.compute.amazonaws.com
in.hotjar.com
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
19 pagoufacil.com.br
cpf.pagoufacil.com.br
1 MB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
495 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 624
script.hotjar.com — Cisco Umbrella Rank: 958
vars.hotjar.com — Cisco Umbrella Rank: 1008
in.hotjar.com — Cisco Umbrella Rank: 1743
68 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 7
22 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
159 KB
2 paschoalotto.com.br
hubapigw.paschoalotto.com.br
184 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
351 B
44 8
Domain Requested by
19 cpf.pagoufacil.com.br cpf.pagoufacil.com.br
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.google.com cpf.pagoufacil.com.br
www.gstatic.com
www.google.com
3 www.googletagmanager.com cpf.pagoufacil.com.br
www.googletagmanager.com
2 in.hotjar.com cpf.pagoufacil.com.br
2 hubapigw.paschoalotto.com.br cpf.pagoufacil.com.br
2 fonts.googleapis.com cpf.pagoufacil.com.br
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google-analytics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
44 12

This site contains links to these domains. Also see Links.

Domain
www.pagoufacil.com.br
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
Subject Issuer Validity Valid
*.pagoufacil.com.br
Go Daddy Secure Certificate Authority - G2		 2021-06-05 -
2022-07-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.paschoalotto.com.br
Go Daddy Secure Certificate Authority - G2		 2021-04-09 -
2022-05-11		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://cpf.pagoufacil.com.br/
Frame ID: BB81500A4D148A0E2B4328484AFC1944
Requests: 38 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 766FC996CCB4AAEBDBB4DF994010BD7F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&co=aHR0cHM6Ly9jcGYucGFnb3VmYWNpbC5jb20uYnI6NDQz&hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=oigy0ke1dxwv
Frame ID: E42EBEB0C4854994F8516CE13332F10E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pagou Fácil

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

58 %
IPv6

8
Domains

12
Subdomains

13
IPs

4
Countries

1997 kB
Transfer

8370 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cpf.pagoufacil.com.br/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2994ca40a22e7c9804e90954befee43ec331b312cef6a95dd910e102a6c604e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f663b072dfe866e-MAD
content-encoding
gzip
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
content-type
text/html
date
Mon, 04 Apr 2022 01:22:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 30 Mar 2022 12:35:48 GMT
pragma
no-cache
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
x-xss-protection
1; mode=block 1; mode=block
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2eb3c6f7141618152e18ea9aa0065e841b51393c426c673ab4ba69aa948b8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 00:09:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 01:22:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 01:22:02 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 01:22:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 01:22:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 01:22:02 GMT
styles.79ba2d6dd5424123a443.css
cpf.pagoufacil.com.br/ 		326 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/styles.79ba2d6dd5424123a443.css
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08cd13d56bd62bc15fe50228623a51afb7d9cf15bf7cc568ee4e24c512514edb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5240
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:34:56 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"058db8f3244d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0d6a71866e-MAD
runtime-es2015.8a72f469124b81be769a.js
cpf.pagoufacil.com.br/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
11df460e1bb793c966de8ef5b208fd6a3598e83b629a57767411ac4cab5d6e17
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://cpf.pagoufacil.com.br/
Origin
https://cpf.pagoufacil.com.br
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5240
x-powered-by
ASP.NET
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:28:28 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"03e97a83144d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0d6a72866e-MAD
polyfills-es2015.70073d87c25faa82846a.js
cpf.pagoufacil.com.br/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/polyfills-es2015.70073d87c25faa82846a.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1c427700c60fb8baf87f466cd5bd38501e3934c11fa1c658303b06a3214015e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://cpf.pagoufacil.com.br/
Origin
https://cpf.pagoufacil.com.br
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5240
x-powered-by
ASP.NET
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Mon, 28 Mar 2022 12:01:54 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"0a5aa9d9b42d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0d6a74866e-MAD
main-es2015.f4fb8c9aa9b1d7c840f6.js
cpf.pagoufacil.com.br/ 		3 MB
573 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/main-es2015.f4fb8c9aa9b1d7c840f6.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4060ea848a9d17e0ce2f80aa6461680d76df0eb033a0c2c8d26aeae509f48236
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://cpf.pagoufacil.com.br/
Origin
https://cpf.pagoufacil.com.br
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5240
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:35:48 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"0ead9ae3244d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0d6a75866e-MAD
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cpf.pagoufacil.com.br
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
454933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 18:59:49 GMT
gtm.js
www.googletagmanager.com/ 		132 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6NFRXR
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/main-es2015.f4fb8c9aa9b1d7c840f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
635f5bcf1ac4af07c454d09626302e4bdc774f5e28eb7685c02e7707c659ebc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48211
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Apr 2022 01:22:02 GMT
0-es2015.c4adf9e3261014da7e40.js
cpf.pagoufacil.com.br/ 		124 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/0-es2015.c4adf9e3261014da7e40.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da1c6c3d791e10033e9dddccc35ee1774e4520dfef441e6bded86b49203750c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5237
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:28:32 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"098f9aa3144d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0fbc52866e-MAD
6-es2015.2d95ed7e097863334d41.js
cpf.pagoufacil.com.br/ 		361 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/6-es2015.2d95ed7e097863334d41.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4087e0640248420654bddc3721a177433918e04ec450af0d90969a77e70ab235
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5237
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:28:36 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"0f25bad3144d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0fbc53866e-MAD
7-es2015.8e662c8d9fe3a1d33032.js
cpf.pagoufacil.com.br/ 		32 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/7-es2015.8e662c8d9fe3a1d33032.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bda4052c79d8f424da2d3478df7eefc9d1f53f5c1bc444c704ed4bbaf22f1a1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5237
x-powered-by
ASP.NET
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:28:36 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"0f25bad3144d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0fbc60866e-MAD
9-es2015.b664a80146a49a22947a.js
cpf.pagoufacil.com.br/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/9-es2015.b664a80146a49a22947a.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a32b5cd425f3e23979318b32b0e8d2fedb478176e6967d25591cca9e7f55823
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5238
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Tue, 29 Mar 2022 13:35:38 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"0b13ee07143d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0fbc62866e-MAD
common-es2015.069c714248b5863f13af.js
cpf.pagoufacil.com.br/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/common-es2015.069c714248b5863f13af.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ed9e4c0a72b9ad49a75edce401126f9bd933cbdf7cdc03078ced59902a745804
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5237
x-powered-by
ASP.NET
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Mon, 28 Mar 2022 12:00:54 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"05fe7799b42d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0fbc64866e-MAD
15-es2015.084ec079bd4db25e1ff6.js
cpf.pagoufacil.com.br/ 		2 MB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/15-es2015.084ec079bd4db25e1ff6.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4b458e36f344f775e768d43a0b748f1019a5ae79b26dcdb8d650714aae137947
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5237
x-powered-by
ASP.NET
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:29:32 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"0debcce3144d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b0fbc65866e-MAD
3-es2015.5e8adbacb3ef94045b47.js
cpf.pagoufacil.com.br/ 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/3-es2015.5e8adbacb3ef94045b47.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e338eb982fa1ff3f4257e0185e81e19b8833f0c605c4ab70342afdd0bd5294b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5236
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:28:32 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"098f9aa3144d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b10bd2b866e-MAD
4-es2015.192edd04058f1846d434.js
cpf.pagoufacil.com.br/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/4-es2015.192edd04058f1846d434.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6a7291d1ab3e0001fb57fc47403ac01354f4aa4a7b63912f5851c266c984e5f6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5236
x-powered-by
ASP.NET
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:28:34 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"0c52aac3144d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b10bd2c866e-MAD
22-es2015.c1da058b79151b709f08.js
cpf.pagoufacil.com.br/ 		383 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/22-es2015.c1da058b79151b709f08.js
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/runtime-es2015.8a72f469124b81be769a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62c45ff6644dc0bbdd915bae22cddb99ea5e6b6286133a7bc20c577aced5ef4e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5236
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:29:48 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"04646d83144d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b10bd2d866e-MAD
customizacao
hubapigw.paschoalotto.com.br/pagoufacilb2c/url/ 		177 KB
178 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hubapigw.paschoalotto.com.br/pagoufacilb2c/url/customizacao?endereco=3kV0dPeBaU14BHI4fG7Tv0KwxZeaezW1ALCpdNq02jxA0tVE6%2BkUssgx68EevaT35OKmwwLMH%2FF7SIATtUph3w%3D%3D
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/polyfills-es2015.70073d87c25faa82846a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.225.42.97 Bauru, Brazil, ASN267346 (Paschoalotto Servicos Financeiros, BR),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e1f59d175a50cb058be8bdc8563fb73dd8d0f76fc5096e81b0af5193478823dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://cpf.pagoufacil.com.br/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 01:21:09 GMT
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
99
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://cpf.pagoufacil.com.br
X-Rate-Limit-Reset
2022-04-04T01:22:08.6084502Z
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Connection
keep-alive
X-XSS-Protection
1; mode=block
Server
nginx
js
www.googletagmanager.com/gtag/ 		176 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7EW67WFVEY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6NFRXR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
978b2b26d283a7aec150006836724aa51479e3398241ba7c62e600ac6efd0c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:03 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66048
x-xss-protection
0
expires
Mon, 04 Apr 2022 01:22:03 GMT
hotjar-1514727.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1514727.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6NFRXR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
/
Resource Hash
7d7aa150bf2d70d593e1067f711b930839462721582634e44e268b067cde8970
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:03 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-C1
etag
W/71edbaeb7c0dcf87e455a6ee48eb808f
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
6CaBzbbhvMZTdeOpY4vX8ddakjtSs-3DclfsjoBXw9Zs_K-QEeoldQ==
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
collect
www.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7EW67WFVEY&gtm=2oe3u0&_p=897245871&sr=1600x1200&ul=en-us&cid=2031565054.1649035323&_s=1&dl=https%3A%2F%2Fcpf.pagoufacil.com.br%2F&dt=Pagou%20F%C3%A1cil&sid=1649035323&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7EW67WFVEY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 01:22:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cpf.pagoufacil.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.7d3f952308caf42c2b67.js
script.hotjar.com/ 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1514727.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-44.fra6.r.cloudfront.net
Software
/
Resource Hash
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 09:02:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2132397
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63048
access-control-allow-origin
*
last-modified
Thu, 10 Mar 2022 09:01:33 GMT
etag
"2f5d47da7be4d107a04726029158797c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
SFbJ41Zcf6owXvmHlcisHz5ey1zooKKyTc8u2bG4h-zMtUoB6pNFsg==
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 766F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1514727.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-65.fra53.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
5070597
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Feb 2022 08:52:06 GMT
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
vary
Accept-Encoding
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-id
dKesuGgUhJs64EAYpeaayp09N8NPqx2klpmwAz6Yf8wSw-_vQJSmdw==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/1514727/ 		147 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1514727/visit-data?sv=7
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/polyfills-es2015.70073d87c25faa82846a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.183.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-183-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c

Request headers

Referer
https://cpf.pagoufacil.com.br/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 04 Apr 2022 01:22:03 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
api.js
www.google.com/recaptcha/ 		945 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&onload=ng2recaptchaloaded
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/4-es2015.192edd04058f1846d434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9c8e2d1b49fb741b552d7a85ebb02bf475ff4cab788511fed401d983ed7633c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
608
x-xss-protection
1; mode=block
expires
Mon, 04 Apr 2022 01:22:04 GMT
gtm.js
www.googletagmanager.com/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6NFRXR
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/main-es2015.f4fb8c9aa9b1d7c840f6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a49e388ea0c970b7a7c7d2c9f22590965d0b72b1895177146f2093a7088bf9cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48215
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Apr 2022 01:22:04 GMT
7
hubapigw.paschoalotto.com.br/pagoufacilb2c/pergunta/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hubapigw.paschoalotto.com.br/pagoufacilb2c/pergunta/7
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/polyfills-es2015.70073d87c25faa82846a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.225.42.97 Bauru, Brazil, ASN267346 (Paschoalotto Servicos Financeiros, BR),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
be40f4ab06f786357dcb39de8b3d6d46132bfff52fb54e989f70f54ad3f079dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://cpf.pagoufacil.com.br/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 01:21:10 GMT
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
99
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://cpf.pagoufacil.com.br
X-Rate-Limit-Reset
2022-04-04T01:22:09.8080212Z
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Connection
keep-alive
X-XSS-Protection
1; mode=block
Server
nginx
logo-pagoufacil.svg
cpf.pagoufacil.com.br/assets/images/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/assets/images/logo-pagoufacil.svg
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/polyfills-es2015.70073d87c25faa82846a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
179f68544838f0ca73583cb7f607698ec8af030c664e13b0b1d370c1638c088c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://cpf.pagoufacil.com.br/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5233
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:34:58 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"085c913244d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b1c5e0e866e-MAD
logo-pagoufacil-mini.svg
cpf.pagoufacil.com.br/assets/images/ 		2 KB
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/assets/images/logo-pagoufacil-mini.svg
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/polyfills-es2015.70073d87c25faa82846a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e0d077e663d44aff1ab3585038817032253370c1de152e9e47254c8771301898
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://cpf.pagoufacil.com.br/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5234
x-powered-by
ASP.NET
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:34:58 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
W/"085c913244d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
cf-ray
6f663b1c5e0f866e-MAD
truncated
/ 		69 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1953de2bd93c63d6bbe07ba6ea2755db35e5ca3b23110cc177dae4759002c148

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/jpeg
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cpf.pagoufacil.com.br
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:33:18 GMT
x-content-type-options
nosniff
age
416926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 05:33:18 GMT
fa-brands-400.cac68c83114580480838.woff2
cpf.pagoufacil.com.br/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cpf.pagoufacil.com.br/fa-brands-400.cac68c83114580480838.woff2
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/styles.79ba2d6dd5424123a443.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://cpf.pagoufacil.com.br/
Origin
https://cpf.pagoufacil.com.br
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:04 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5233
x-powered-by
ASP.NET
vary
Accept-Encoding
content-length
77400
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:34:56 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
"058db8f3244d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
accept-ranges
bytes
cf-ray
6f663b1c7e30866e-MAD
logo-pagoufacil-powered-by.png
cpf.pagoufacil.com.br/assets/images/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpf.pagoufacil.com.br/assets/images/logo-pagoufacil-powered-by.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c64394f200c351c59e5d223f714230c223059e10f992af49a77fa3f5a7f7ef
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:04 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5233
vary
Accept-Encoding
content-length
2419
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:34:58 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
"085c913244d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
accept-ranges
bytes
cf-ray
6f663b1c9e4e866e-MAD
logo-paschoalotto.jpg
cpf.pagoufacil.com.br/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpf.pagoufacil.com.br/assets/images/logo-paschoalotto.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
00999fe0897dc33efdeb40d90d007af9db4d3f2f1cde7276cca72ffc051e3397
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:04 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
5234
x-powered-by
ASP.NET
vary
Accept-Encoding
content-length
2738
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 30 Mar 2022 12:34:58 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://www.pagoufacil.com.br
etag
"085c913244d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=14400
content-security-policy
default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
accept-ranges
bytes
cf-ray
6f663b1c9e50866e-MAD
cf-bgj
h2pri
truncated
/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ba50a853089516ebfeaaefa325a7d0f71787a3fddfa26b12224057c66f943e9

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
visit-data
in.hotjar.com/api/v2/client/sites/1514727/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1514727/visit-data?sv=7
Requested by
Host: cpf.pagoufacil.com.br
URL: https://cpf.pagoufacil.com.br/polyfills-es2015.70073d87c25faa82846a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.183.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-183-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c

Request headers

Referer
https://cpf.pagoufacil.com.br/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 04 Apr 2022 01:22:04 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
recaptcha__es.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__es.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&onload=ng2recaptchaloaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7854f8d06e1d2ac4acf855d9cc2f86f6ccdccbe7731f9b01a72546b49a6a1622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cpf.pagoufacil.com.br/
Origin
https://cpf.pagoufacil.com.br
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 16:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145759
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 16:29:49 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v126/ 		121 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v126/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cpf.pagoufacil.com.br
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:31:29 GMT
x-content-type-options
nosniff
age
521436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124372
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 18:26:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 00:31:29 GMT
anchor
www.google.com/recaptcha/api2/ Frame E42E 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&co=aHR0cHM6Ly9jcGYucGFnb3VmYWNpbC5jb20uYnI6NDQz&hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=oigy0ke1dxwv
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__es.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cabb1c0cd53652c9ad158c50a2d94e74c09acda940ade9e7019b703937243db1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fKu1Ru1cxz/AkRmDoGDv6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cpf.pagoufacil.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21767
content-security-policy
script-src 'report-sample' 'nonce-fKu1Ru1cxz/AkRmDoGDv6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 01:22:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame E42E 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&co=aHR0cHM6Ly9jcGYucGFnb3VmYWNpbC5jb20uYnI6NDQz&hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=oigy0ke1dxwv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 14:40:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 14:40:34 GMT
recaptcha__es.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame E42E 		362 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__es.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&co=aHR0cHM6Ly9jcGYucGFnb3VmYWNpbC5jb20uYnI6NDQz&hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=oigy0ke1dxwv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7854f8d06e1d2ac4acf855d9cc2f86f6ccdccbe7731f9b01a72546b49a6a1622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 16:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145759
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 16:29:49 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E42E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:40:09 GMT
x-content-type-options
nosniff
age
279716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 07 Apr 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E42E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&co=aHR0cHM6Ly9jcGYucGFnb3VmYWNpbC5jb20uYnI6NDQz&hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=oigy0ke1dxwv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 11:18:05 GMT
x-content-type-options
nosniff
age
482640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E42E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&co=aHR0cHM6Ly9jcGYucGFnb3VmYWNpbC5jb20uYnI6NDQz&hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=oigy0ke1dxwv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
age
454937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E42E 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&co=aHR0cHM6Ly9jcGYucGFnb3VmYWNpbC5jb20uYnI6NDQz&hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=oigy0ke1dxwv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
105b81e3fa77e0cf8300c00e64314154399f523b21469d255450c6a54c25d3b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevVH8bAAAAAMewGknPq1C8s80JKBBtBf4ojTKF&co=aHR0cHM6Ly9jcGYucGFnb3VmYWNpbC5jb20uYnI6NDQz&hl=es&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=oigy0ke1dxwv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 01:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 04 Apr 2022 01:22:06 GMT

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| userAgent function| gtag object| dataLayer object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| Hammer object| __zone_symbol__messagetrue object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| JsBarcode function| _ object| google_tag_manager object| __zone_symbol__loadfalse function| hj object| _hjSettings object| google_tag_data object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| __zone_symbol__pagehidefalse object| gaGlobal function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| __zone_symbol__messagefalse function| ng2recaptchaloaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __zone_symbol__testfalse object| recaptcha object| closure_lm_287987 function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

8 Cookies

Domain/Path Name / Value
.pagoufacil.com.br/ Name: _ga
Value: GA1.1.2031565054.1649035323
.pagoufacil.com.br/ Name: _hjSessionUser_1514727
Value: eyJpZCI6ImZjZDdkOWExLTcyYTItNTY3Yi04OTEyLWYxM2I4MmU5OWZlNCIsImNyZWF0ZWQiOjE2NDkwMzUzMjM2NTUsImV4aXN0aW5nIjpmYWxzZX0=
.pagoufacil.com.br/ Name: _hjFirstSeen
Value: 1
cpf.pagoufacil.com.br/ Name: _hjIncludedInSessionSample
Value: 1
.pagoufacil.com.br/ Name: _hjSession_1514727
Value: eyJpZCI6ImI4ODY1OTc2LWNkNGYtNGU0Yi05MmEyLTc1MzZhMWZkNGU3MCIsImNyZWF0ZWQiOjE2NDkwMzUzMjM2NjgsImluU2FtcGxlIjp0cnVlfQ==
cpf.pagoufacil.com.br/ Name: _hjIncludedInPageviewSample
Value: 1
.pagoufacil.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 0
.pagoufacil.com.br/ Name: _ga_7EW67WFVEY
Value: GS1.1.1649035323.1.1.1649035325.0

1 Console Messages

Source Level URL
Text
security error URL: https://cpf.pagoufacil.com.br/main-es2015.f4fb8c9aa9b1d7c840f6.js(Line 1)
Message:
Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src 'self' https://vars.hotjar.com https://www.google.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.hotjar.com:* wss://*.hotjar.com https://*.cloudfront.net; script-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://*.cloudfront.net https://www.google.com https://www.gstatic.com ; connect-src 'self' https://hubapigw.paschoalotto.com.br https://hubapigwqa.paschoalotto.com.br https://www.google-analytics.com https://stats.g.doubleclick.net https://*.hotjar.com:* wss://*.hotjar.com; img-src 'self' https://www.google-analytics.com https://www.google.com https://www.google.com.br https://*.hotjar.com data: ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com https://www.google.com https://www.gstatic.com https://*.cloudfront.net; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com https://*.hotjar.com; script-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://vars.hotjar.com ; frame-src 'self' https://vars.hotjar.com https://www.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://www.pagoufacil.com.br
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cpf.pagoufacil.com.br
fonts.googleapis.com
fonts.gstatic.com
hubapigw.paschoalotto.com.br
in.hotjar.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
143.204.215.65
204.225.42.97
2606:4700:10::6816:1951
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:801::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200e
2a00:1450:4001:830::2003
54.76.183.110
65.9.66.34
99.86.7.44
00999fe0897dc33efdeb40d90d007af9db4d3f2f1cde7276cca72ffc051e3397
08cd13d56bd62bc15fe50228623a51afb7d9cf15bf7cc568ee4e24c512514edb
105b81e3fa77e0cf8300c00e64314154399f523b21469d255450c6a54c25d3b5
11df460e1bb793c966de8ef5b208fd6a3598e83b629a57767411ac4cab5d6e17
179f68544838f0ca73583cb7f607698ec8af030c664e13b0b1d370c1638c088c
1953de2bd93c63d6bbe07ba6ea2755db35e5ca3b23110cc177dae4759002c148
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c427700c60fb8baf87f466cd5bd38501e3934c11fa1c658303b06a3214015e9
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
1da1c6c3d791e10033e9dddccc35ee1774e4520dfef441e6bded86b49203750c
2994ca40a22e7c9804e90954befee43ec331b312cef6a95dd910e102a6c604e0
2eb3c6f7141618152e18ea9aa0065e841b51393c426c673ab4ba69aa948b8eff
3a32b5cd425f3e23979318b32b0e8d2fedb478176e6967d25591cca9e7f55823
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4060ea848a9d17e0ce2f80aa6461680d76df0eb033a0c2c8d26aeae509f48236
4087e0640248420654bddc3721a177433918e04ec450af0d90969a77e70ab235
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
48c64394f200c351c59e5d223f714230c223059e10f992af49a77fa3f5a7f7ef
4b458e36f344f775e768d43a0b748f1019a5ae79b26dcdb8d650714aae137947
4e338eb982fa1ff3f4257e0185e81e19b8833f0c605c4ab70342afdd0bd5294b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba50a853089516ebfeaaefa325a7d0f71787a3fddfa26b12224057c66f943e9
62c45ff6644dc0bbdd915bae22cddb99ea5e6b6286133a7bc20c577aced5ef4e
635f5bcf1ac4af07c454d09626302e4bdc774f5e28eb7685c02e7707c659ebc4
6a7291d1ab3e0001fb57fc47403ac01354f4aa4a7b63912f5851c266c984e5f6
7854f8d06e1d2ac4acf855d9cc2f86f6ccdccbe7731f9b01a72546b49a6a1622
7d7aa150bf2d70d593e1067f711b930839462721582634e44e268b067cde8970
964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551
978b2b26d283a7aec150006836724aa51479e3398241ba7c62e600ac6efd0c50
a49e388ea0c970b7a7c7d2c9f22590965d0b72b1895177146f2093a7088bf9cb
b9c8e2d1b49fb741b552d7a85ebb02bf475ff4cab788511fed401d983ed7633c
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bda4052c79d8f424da2d3478df7eefc9d1f53f5c1bc444c704ed4bbaf22f1a1a
be40f4ab06f786357dcb39de8b3d6d46132bfff52fb54e989f70f54ad3f079dd
cabb1c0cd53652c9ad158c50a2d94e74c09acda940ade9e7019b703937243db1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
e0d077e663d44aff1ab3585038817032253370c1de152e9e47254c8771301898
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e1f59d175a50cb058be8bdc8563fb73dd8d0f76fc5096e81b0af5193478823dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9e4c0a72b9ad49a75edce401126f9bd933cbdf7cdc03078ced59902a745804
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48