URL: https://arearestrita.saudecomdinheiro.com.br/
Submission: On December 08 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 198.50.125.94, located in Canada and belongs to IWEB-AS, CA. The main domain is arearestrita.saudecomdinheiro.com.br.
TLS certificate: Issued by R10 on December 8th 2024. Valid for: 3 months.
This is the only time arearestrita.saudecomdinheiro.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 198.50.125.94 32613 (IWEB-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f00... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a03:2880:f10... 32934 (FACEBOOK)
27 8
Apex Domain
Subdomains
Transfer
10 saudecomdinheiro.com.br
arearestrita.saudecomdinheiro.com.br
1 MB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
715 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
137 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
210 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
10 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3370
41 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
27 7
Domain Requested by
10 arearestrita.saudecomdinheiro.com.br arearestrita.saudecomdinheiro.com.br
5 cdnjs.cloudflare.com arearestrita.saudecomdinheiro.com.br
cdnjs.cloudflare.com
4 connect.facebook.net arearestrita.saudecomdinheiro.com.br
connect.facebook.net
3 www.facebook.com arearestrita.saudecomdinheiro.com.br
connect.facebook.net
2 cdn.jsdelivr.net arearestrita.saudecomdinheiro.com.br
2 stackpath.bootstrapcdn.com arearestrita.saudecomdinheiro.com.br
1 fonts.googleapis.com arearestrita.saudecomdinheiro.com.br
27 7

This site contains links to these domains. Also see Links.

Domain
www.twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.pinterest.com
www.telegram.me
Subject Issuer Validity Valid
arearestrita.saudecomdinheiro.com.br
R10
2024-12-08 -
2025-03-08
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
bootstrapcdn.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-16 -
2024-12-15
3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA
2024-05-04 -
2025-05-04
a year crt.sh

This page contains 2 frames:

Primary Page: https://arearestrita.saudecomdinheiro.com.br/
Frame ID: 40BA2B9C8900287A41F5755D2701C292
Requests: 28 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfefa56d78f9075447%26domain%3Darearestrita.saudecomdinheiro.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Farearestrita.saudecomdinheiro.com.br%252Ff1c36972dfad587a2%26relation%3Dparent.parent&container_width=247&header=false&height=260&href=https%3A%2F%2Fwww.facebook.com%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=260
Frame ID: D6C9B87E7C8AC914DD63D94CB16C3090
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Atualizar o nome no adm > configurações > Configurações

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

27
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

2161 kB
Transfer

3850 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
arearestrita.saudecomdinheiro.com.br/
153 KB
154 KB
Document
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
4b1a16ebd08de22863dda231a1a0be804a420eee24c80e25306104ae100ea78f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 08 Dec 2024 01:17:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:200,300,300i,400,400i,500,600,700
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05973f3af0dbc93f18e80c22e4792b1f9a13637448e05388dd62cf9fe5fc1ae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 01:17:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 08 Dec 2024 01:17:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://arearestrita.saudecomdinheiro.com.br
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
"3afe15e976734d9daac26310110c4594"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 08 Dec 2024 01:17:26 GMT
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
12/04/2024 09:54:16
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c1c4134f79c37c45af434d5b3ba0d473
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8ee8ea6f8bb341e6-EWR
access-control-allow-origin
*
cdn-edgestorageid
1067
server
cloudflare
cdn-requestcountrycode
US
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/
101 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"660cc074-49fa"
age
773920
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvGBAD%2B3X2sCu%2F%2FKFMerPzlynkUeoIX0%2FQHH%2FPIerkQVnafpwkwpObTX9SG6BqgAvvD0ZRgLGqScanXG3Z1LIHaMmMSf8VePyjn9uG8XFtHJPB%2BRs%2FB7fCEh1YqIQ9MRyfEWjrXRB%2FnZMa%2FJtnEPj2zM"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 01:17:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee8ea6fcb02c356-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
18938
server
cloudflare
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-JFxu7aer' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-JFxu7aer' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=23, mss=1232, tbw=5749, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
sYtLYzO72OEbOi9ifhm8hYqzfcLfFg7Vp+/bmgmjMu0wPOJBLmYef2iHkd1YFsQYa2dtE2haprhTIg9jQEDxPg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
20200723020207072525-logo.png
arearestrita.saudecomdinheiro.com.br/images123/logos/
11 KB
11 KB
Image
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/images123/logos/20200723020207072525-logo.png
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
dfdccd4f3fa98f8a91754b8e4cccea7c306e0dafa314bb62b7ce1ab9ed73357b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11169
Keep-Alive
timeout=5, max=100
Date
Sun, 08 Dec 2024 01:17:26 GMT
Last-Modified
Thu, 23 Jul 2020 17:36:26 GMT
Content-Type
image/png
Server
Apache
jquery-3.5.1.min.js
arearestrita.saudecomdinheiro.com.br/inc123/js/
87 KB
88 KB
Script
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/inc123/js/jquery-3.5.1.min.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
89476
Keep-Alive
timeout=5, max=99
Date
Sun, 08 Dec 2024 01:17:26 GMT
Last-Modified
Tue, 15 Dec 2020 21:11:22 GMT
Content-Type
text/plain
Server
Apache
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://arearestrita.saudecomdinheiro.com.br
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
age
651461
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRl4LtDZfWwjlDq76lFyrCSOFCkHsN43OjpwEn832RuFajQlD060HubVpS%2Bu2nOgsHOCfVEn43MoNaui0yrAuqQsMg9rNVDxKh2wID52y3BVMtBWuE83YM68k2YftcDWPgV%2BqnIZVCEGC9C3EFg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230104-FRA, cache-lga21958-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee8ea700ebe8c5f-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
7202
server
cloudflare
x-jsd-version
1.16.0
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/
59 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://arearestrita.saudecomdinheiro.com.br
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
"6bea60c34c5db6797150610dacdc6bce"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 08 Dec 2024 01:17:26 GMT
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/27/2024 13:40:05
cdn-requestpullcode
200
priority
u=2,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e16a2d7c96b020fb848c9da28d407ff4
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8ee8ea6f8bb641e6-EWR
access-control-allow-origin
*
cdn-edgestorageid
1068
server
cloudflare
cdn-requestcountrycode
US
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/js/
1 MB
401 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/js/all.min.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a1b4a6aa2032fb22fd8026a3dc1d74bfb3a923485bdbca93796d1225293224e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"660cc074-6427e"
age
666349
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GqAYdZZMBW1dRta0epB5QoC%2F%2Fm6FKnlHmlJYogodXh02RTDejsUfXGhNscwtVBLDU%2BTiINVVJzxStiNr%2BqBcEdOSZuFWPDSOeBrurgw0enPcsDidw2Q8eRImO3UoXgb89X8evnjTgH8zhoFCwmWqhpYW"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 01:17:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee8ea6fcb04c356-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
410238
server
cloudflare
jquery.form.min.js
arearestrita.saudecomdinheiro.com.br/inc123/js123/
15 KB
15 KB
Script
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/inc123/js123/jquery.form.min.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15248
Keep-Alive
timeout=5, max=100
Date
Sun, 08 Dec 2024 01:17:26 GMT
Last-Modified
Tue, 19 May 2020 23:37:30 GMT
Content-Type
application/javascript
Server
Apache
sweetalert2.all.min.js
arearestrita.saudecomdinheiro.com.br/inc123/plugins/sweetalert2/
62 KB
62 KB
Script
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/inc123/plugins/sweetalert2/sweetalert2.all.min.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
a054837687965ce8eb9ee58ec340fe19d397cfa7a9132e3ace680f803910aee9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
63127
Keep-Alive
timeout=5, max=100
Date
Sun, 08 Dec 2024 01:17:26 GMT
Last-Modified
Fri, 26 Jul 2019 22:54:30 GMT
Content-Type
text/plain
Server
Apache
promise-polyfill
cdn.jsdelivr.net/npm/
5 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/promise-polyfill
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3707174ed018b7fd3764e612b22a4f42b0e95592ca8ae05f35807228435dfada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"123e-9RSuH/CRQRC6EauiywW0zOINhcI"
age
26389
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FqA%2BiVL4li1sQjAjDy2EI31b0Ir94NeTF2avNztORARugtcTQSIDh4k26ZIa7NeHoK%2FQRI5JzMk7EALquvCPv0emoMTUHq5dqg%2FH%2F4fWFxdjjbzt6zPEkfsJYw8F%2FVxLS4HfuNGvOVaNEjDRBGk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-lga21957-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee8ea700fa1435e-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1749
server
cloudflare
x-jsd-version
8.3.0
imask.js
arearestrita.saudecomdinheiro.com.br/inc123/js123/
149 KB
150 KB
Script
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/inc123/js123/imask.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
8ca434d270d3560aeb75b057695f3cae6b8f05077daa30c4dc7ecb253a309616

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
152914
Keep-Alive
timeout=5, max=100
Date
Sun, 08 Dec 2024 01:17:26 GMT
Last-Modified
Sat, 04 Dec 2021 14:18:08 GMT
Content-Type
application/javascript
Server
Apache
jquery.realperson.js
arearestrita.saudecomdinheiro.com.br/inc123/js/
10 KB
11 KB
Script
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/inc123/js/jquery.realperson.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
833ecd62455434593d41e1511709c3bf86232999c450a08a8f06fd8e2a9883c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10607
Keep-Alive
timeout=5, max=100
Date
Sun, 08 Dec 2024 01:17:26 GMT
Last-Modified
Sat, 25 Feb 2023 00:14:10 GMT
Content-Type
text/plain
Server
Apache
4545646668888
connect.facebook.net/signals/config/
2 KB
1 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/4545646668888?v=2.9.178&r=stable&domain=arearestrita.saudecomdinheiro.com.br&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4095d61d8041957172cab7a5cb0838bb4987717014623a230f27e5325fba9e1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Klt4QXIJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-Klt4QXIJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=77, mss=1232, tbw=73941, tp=70, tpl=0, uplat=62, ullat=0
pragma
public
x-fb-debug
K74FSoENJYiDAj0vdLL6ucRq/DJ42FrjlrEy3JRFM9eWCxhmg/SVDcqgPL7vj1C9EKo+zpsh1vnlgsRfGLRckA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
all.js
connect.facebook.net/pt_BR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/all.js
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ace9e32dc2b523de86a4dbbfec9e03ebc834acb1407da81f97b739d734ed5a9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

content-md5
jFaOWCg/34ATZ6h5Lmu18Q==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"2c1f96c8e5bc58356fcc288cbf7ccb9e"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 01:30:32 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
5728133623ab357d9be0fa85987b2c6c
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=77, mss=1232, tbw=71717, tp=67, tpl=0, uplat=0, ullat=-1
x-fb-debug
4/t9Kv346thJwh7A93wpH4PRwsyOygCp0VYu3nHa117gYPxiLo/RK4zZPEJMX63Rmr+zGEWgnaXaR1pbHiIAcw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?1
1594859237_south_america.jpg
arearestrita.saudecomdinheiro.com.br/images123/slides/
372 KB
372 KB
Image
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/images123/slides/1594859237_south_america.jpg
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
3ff44bd2f7f1361514d9b270f557745c6b0bd933b97904907d0968e1bc267868

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
380467
Keep-Alive
timeout=5, max=99
Date
Sun, 08 Dec 2024 01:17:26 GMT
Last-Modified
Thu, 16 Jul 2020 00:27:18 GMT
Content-Type
image/jpeg
Server
Apache
truncated
/
156 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/
153 KB
153 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://arearestrita.saudecomdinheiro.com.br
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"660cc074-262f0"
age
741966
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJOGbfobHG3I8njqLqOdijAraPVO1kgY%2ByMfyX%2FrZhuvB1MmVlT7bD%2Fnb6II7M6jbF53z9WUt311LvYTy2FltbTtCYFyiFR28bRILzIvCwB8Vycf3bxG%2B%2FrE4Me9NYeb3y0gjg3aB32UVJ5EjZdK6DyU"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 01:17:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee8ea71ad580f75-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
156400
server
cloudflare
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/
115 KB
116 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://arearestrita.saudecomdinheiro.com.br
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"660cc074-1cc5c"
age
841468
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jj4FsKpuwrYSR%2Be9pLsKtTVsU%2BLVXb7uSMwZoDDquib3m4Xw37byD4wc8WwJqftISjrBzKNC3JwlXv5%2FVZbepd2MNYkyI190IIFjyuYxKRewM01NBe%2FCU7Lof%2F7C%2Fs%2BzF%2FyycGqJjxuZnWnqPuFStYsh"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 01:17:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee8ea71ad5b0f75-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
117852
server
cloudflare
all.js
connect.facebook.net/pt_BR/
250 KB
73 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/all.js?hash=6c6248229560727faf00de4dae65b029
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
88d845b9bdebfbb7231fda4dbc9c3c67238f83417818300931ff6a07a318b380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://arearestrita.saudecomdinheiro.com.br
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

content-md5
DweplrYDpZp2uIju7wdUGw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"4729d2d8f91798dc0c7cf3e54e603034"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Mon, 08 Dec 2025 00:47:05 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
341202046a45cf557b7bf3eec122df99
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=3120, tp=6, tpl=0, uplat=1, ullat=-1
x-fb-debug
r3nLiF3xcmJifhwVkEHLrV41JXNLiX2YzE0Y25Pd4wIS1tOfDVY2aIbPt8hWJH9wDHylg707ztdiNh2/RXXd9A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
74785
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=4545646668888&ev=PageView&dl=https%3A%2F%2Farearestrita.saudecomdinheiro.com.br%2F&rl=&if=false&ts=1733620646593&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=28&it=1733620646475&coo=false&rqm=GET
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=5736, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
194 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=4545646668888&ev=PageView&dl=https%3A%2F%2Farearestrita.saudecomdinheiro.com.br%2F&rl=&if=false&ts=1733620646593&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=28&it=1733620646475&coo=false&rqm=FGET
Requested by
Host: arearestrita.saudecomdinheiro.com.br
URL: https://arearestrita.saudecomdinheiro.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7445843979120595644"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Lz73NjUeTgi8qGC+GrUzjMaZdTDfOVMJKdUlGhh76p62msol9hq88Tko94h81DB/a9suzPsNitaBnZ95vL/kqQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7445843979120595644", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=6056, tp=13, tpl=0, uplat=22, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/
25 KB
25 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27da6f833431da5aa295c44540bfac0fd8270ba6a3c4346427006d8a7b34b76
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://arearestrita.saudecomdinheiro.com.br
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"660cc074-6330"
age
571318
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pG0eO2i%2B%2FbD5RXKXc8OnF%2FhEI79vEgxu%2FyhxlMlYsN0yeW0YBhl5uXEMav%2Fh3OIMtAPlRzpgL6A3rSHduJAJGEAVSbfB0GhYXCeVd3PsqQiCHikm7tqgOpO4qSEOH8x7EvZb31IWpysx%2F2Ebybef0XO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 01:17:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 08 Dec 2024 01:17:26 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee8ea725e140f75-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
25392
server
cloudflare
like_box.php
www.facebook.com/plugins/ Frame D6C9
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfefa56d78f9075447%26domain%3Darearestrita.saudecomdinheiro.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Farearestrita.saudecomdinheiro.com.br%252Ff1c36972dfad587a2%26relation%3Dparent.parent&container_width=247&header=false&height=260&href=https%3A%2F%2Fwww.facebook.com%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=260
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=6c6248229560727faf00de4dae65b029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arearestrita.saudecomdinheiro.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 08 Dec 2024 01:17:27 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7445843984574642806"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7445843984574642806", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=5748, tp=10, tpl=0, uplat=40, ullat=0
x-fb-debug
w73ThKJsaJUjSuvdBwxe88Om5Wepo+zuaV/IKqJOEvmaTG/kptFe3gF8JBKzQCh1gCPTUjd9JBDMEhaB6AcuGA==
x-xss-protection
0
favicon.png
arearestrita.saudecomdinheiro.com.br/images123/logos/
315 B
515 B
Other
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/images123/logos/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Keep-Alive
timeout=5, max=98
Content-Length
315
Date
Sun, 08 Dec 2024 01:17:27 GMT
Content-Type
text/html; charset=iso-8859-1
Server
Apache
Connection
Keep-Alive
1594787935_bg_home.jpg
arearestrita.saudecomdinheiro.com.br/images123/slides/
394 KB
394 KB
Image
General
Full URL
https://arearestrita.saudecomdinheiro.com.br/images123/slides/1594787935_bg_home.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.50.125.94 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
serverc694.netdatacenter.net
Software
Apache /
Resource Hash
363ef6e2cf911333be82a1192720fbd6852f48d87ae4dac5ab765ec765f104f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://arearestrita.saudecomdinheiro.com.br/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
403555
Keep-Alive
timeout=5, max=97
Date
Sun, 08 Dec 2024 01:17:31 GMT
Last-Modified
Wed, 15 Jul 2020 04:38:56 GMT
Content-Type
image/jpeg
Server
Apache

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Promise function| AggregateError function| fbq function| _fbq object| FB function| $ function| jQuery function| Popper object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| finallyConstructor function| allSettled function| any function| setTimeoutFunc function| isArray function| noop function| bind function| handle function| resolve function| reject function| finale function| Handler function| doResolve string| errorEmpty string| errorEmail function| whatsappstart function| openFormConfirma function| openForm function| closeForm function| openWhatsApp function| openContato function| openChat function| openFatura function| openConfirma function| IMask object| maskCpfOuCnpj object| __buffer

1 Cookies

Domain/Path Name / Value
arearestrita.saudecomdinheiro.com.br/ Name: aberto
Value: 86337a12d6777c916368933a9e26d3d0

4 Console Messages

Source Level URL
Text
recommendation warning URL: https://arearestrita.saudecomdinheiro.com.br/
Message:
[DOM] Found 2 elements with non-unique id #email2: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://arearestrita.saudecomdinheiro.com.br/
Message:
[DOM] Found 2 elements with non-unique id #name1: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://arearestrita.saudecomdinheiro.com.br/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://arearestrita.saudecomdinheiro.com.br/images123/logos/favicon.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arearestrita.saudecomdinheiro.com.br
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
stackpath.bootstrapcdn.com
www.facebook.com
198.50.125.94
2606:4700::6811:180e
2606:4700::6812:ba1f
2606:4700::6812:bcf
2607:f8b0:4004:c09::5f
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
05973f3af0dbc93f18e80c22e4792b1f9a13637448e05388dd62cf9fe5fc1ae7
232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92
363ef6e2cf911333be82a1192720fbd6852f48d87ae4dac5ab765ec765f104f0
3707174ed018b7fd3764e612b22a4f42b0e95592ca8ae05f35807228435dfada
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3ff44bd2f7f1361514d9b270f557745c6b0bd933b97904907d0968e1bc267868
4095d61d8041957172cab7a5cb0838bb4987717014623a230f27e5325fba9e1f
4a1b4a6aa2032fb22fd8026a3dc1d74bfb3a923485bdbca93796d1225293224e
4b1a16ebd08de22863dda231a1a0be804a420eee24c80e25306104ae100ea78f
5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
833ecd62455434593d41e1511709c3bf86232999c450a08a8f06fd8e2a9883c6
88d845b9bdebfbb7231fda4dbc9c3c67238f83417818300931ff6a07a318b380
8ca434d270d3560aeb75b057695f3cae6b8f05077daa30c4dc7ecb253a309616
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
a054837687965ce8eb9ee58ec340fe19d397cfa7a9132e3ace680f803910aee9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ace9e32dc2b523de86a4dbbfec9e03ebc834acb1407da81f97b739d734ed5a9c
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
c27da6f833431da5aa295c44540bfac0fd8270ba6a3c4346427006d8a7b34b76
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dfdccd4f3fa98f8a91754b8e4cccea7c306e0dafa314bb62b7ce1ab9ed73357b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d