www.boletonet.com.br Open in urlscan Pro
2606:4700:20::ac43:4781 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://boletonet.com.br/
Effective URL:
https://www.boletonet.com.br/
Submission: On May 05 via automatic, source certstream-suspicious (May 5th 2023, 6:55:45 pm UTC) — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 2606:4700:20::ac43:4781, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.boletonet.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2022. Valid for: a year.

This is the only time www.boletonet.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 15	2606:4700:20:... 2606:4700:20::ac43:4781	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
24	5

15 2606:4700:20::ac43:4781 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

boletonet.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.boletonet.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	boletonet.com.br 2 redirects boletonet.com.br www.boletonet.com.br	754 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	557 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	31 KB
24	3

	Domain	Requested by
14	www.boletonet.com.br	1 redirects www.boletonet.com.br
6	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.boletonet.com.br www.gstatic.com www.google.com
1	fonts.gstatic.com	www.google.com
1	boletonet.com.br	1 redirects
24	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-17` - `2023-08-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.boletonet.com.br/
Frame ID: BA01CF72361E533E20E83ED4C6EEAD32
Requests: 14 HTTP requests in this frame

Frame: https://www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Frame ID: 6B083A2F40CD274730246C6B604A4E3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdaTO4ZAAAAALKiqBb76C5WuDS0ms4S6DfUeo60&co=aHR0cHM6Ly93d3cuYm9sZXRvbmV0LmNvbS5icjo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=fu7yvtiz2g2f
Frame ID: 5DEFCB407B0C19FD49CECB61AD44DD75
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LdaTO4ZAAAAALKiqBb76C5WuDS0ms4S6DfUeo60
Frame ID: 34501BF490A814AE73F849B7299376C9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BoletoNet

Page URL History Show full URLs

https://boletonet.com.br/ HTTP 301
https://www.boletonet.com.br/ Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

24
Requests

96 %
HTTPS

100 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

1341 kB
Transfer

4234 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://boletonet.com.br/ HTTP 301
https://www.boletonet.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.boletonet.com.br/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

24 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.boletonet.com.br/
Redirect Chain

https://boletonet.com.br/
https://www.boletonet.com.br/

2 KB
1 KB

314ms
286ms

Document
text/html

2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7863cecaa7ea21068412e699dfb0f5f3f00558d4bfbe039effa94332b214bfad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7c2b32efba7218c7-FRA
content-encoding: br
content-type: text/html
date: Fri, 05 May 2023 18:55:39 GMT
last-modified: Wed, 29 Dec 2021 11:26:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ4VhBkZ0iRgtAFc8v85sLSwmm7QromlvKzNIrFRE5%2FouiC%2FaIvWxmSOQ0HDSKKls9nWu%2B13TJpXwMeKhF4T46zbZAwI2%2BAG8yXJbwfw3HQcPraDkyTJu8ou7QEGTl7QBUnS00NRSW1XO1zYO3DW3kte"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: yrvoFdZ147a0q2trTh14o/KpzcaBLxpIm2PpV/ugLS9+pV2wMwGffddPSFEViutc03+NH4w1mxk=
x-amz-request-id: 4BJEVYMSQ3VFBC4M

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7c2b32ee0f7f18c7-FRA
content-length: 0
date: Fri, 05 May 2023 18:55:39 GMT
location: https://www.boletonet.com.br/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIFWxFHTARv8t0xqCfwBj%2BqDEDgF7h5XAG2giDjz3UnYuUuKgL7EL6ahNUykATk0MFd1hBnptU%2ByZa7LktmVGSmmhw3sCq8qV%2BQqDu8te%2FNmbfo35T%2B5OiD4STHSdG%2F1a%2Fl2LtoUyAIoyibQgEI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: tvo4qT3wCIjg1+XmYuLGADF30IF6jaHGRKJEpBuK57HBTvuG/3oclYb6BiIkqmVk5VE5kZtQM04=
x-amz-request-id: 4BJ131GXE7YTKFB7

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 916 B
906 B 104ms
40ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Requested by

Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4f3209e5481f170ee1f5afb067a4db7058da5f9338a8bc32a7535327b67a98b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boletonet.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 584
x-xss-protection: 1; mode=block
expires: Fri, 05 May 2023 18:55:39 GMT

GET
H2 200 app.968d5f1c.css
www.boletonet.com.br/css/ 1 MB
174 KB 721ms
718ms Stylesheet
text/css 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/css/app.968d5f1c.css
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 038d5db7f0bbb0180d5f7aa3c8b241bf5f8b5bd4b54ae9710c5783ee67ed9a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boletonet.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 4BJ45AKJ4HWGZEZK
etag: W/"f543f6632b75b79111a0666f64d67c80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTgVxSx7dsjZY9FBFAiUfY0e32O%2Bd90%2FvwraoiEiQZqWJP2IUuOXt9c5N5Ugz%2BaY5G0toDYZPd0War7pV1UnBx3XuK6CC%2B7qa94rV4qUpuJ0Ew%2B%2BoJMuPzKcaxEzRjkQ5%2FNdw2S%2BoTeLa2vfEEibo7ne"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c2b32f17cef18c7-FRA
x-amz-id-2: dD30slvXzI6cYNnesFS1X5778Wo5LSO5QndBmcQGPjyN9emHr2S+Lh/zkMEzzX9vnkXnz9RuJ5w=

GET
H2 200 vendor.55b50f7a.js Show response
www.boletonet.com.br/js/ 1 MB
398 KB 743ms
740ms Script
application/javascript 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/js/vendor.55b50f7a.js
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 438055197241dfc48f6b736720ac0d0347d0777b2e2643723fc563371b85a646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boletonet.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 4BJ11EQ93HSXF02X
etag: W/"1c82acd7096e20c1afec684ae3c39931"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IE5ZkPIjAAVtjVTNa6hIAZH83s1Z2UR05Q4rKoERVXmTLsWqp0R0gVwbAPbw0IwvViR%2FVwi7M86WCt09xdUplZn4cn8ydjG%2Bwh%2BOZyziV%2FXZveHC%2Bu8ScthN4YZmMrXt6i5sGS%2F3fiFgu%2F5N0UGtJCP%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c2b32f17cf018c7-FRA
x-amz-id-2: w0KZiTNVkfVynV+0AeuxYzA5NGdGShOTZxWIakuOpUdKbAt++53q/lNTkllOB4hGklWwSG58PNw=

GET
H2 200 app.e6a0ac21.js Show response
www.boletonet.com.br/js/ 16 KB
6 KB 365ms
363ms Script
application/javascript 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/js/app.e6a0ac21.js
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4845548cf9e6fdfc877ea3edfd3cc209607e104cee5468699ae08cdee6693b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boletonet.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 4BJ1RHGG5YFGJ5YM
etag: W/"c55b92b1411ca9d610e3f5a8e727cefa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AppkpjaNB9R%2FkAxn%2BNsdR8b8RaD%2BOzRY8VnUiesYSWG0AKekUNt5Dy0QjTFvgIlBb8a8c1afWrlTsVUgApyrcEmBQYTMbuwqXZLQAlvI7rJHxnRsB0Qtov8zMZPteG%2F7gM1Y%2FJL%2BPAHVJPyViHHy5EAi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c2b32f18cf218c7-FRA
x-amz-id-2: foaL+WZmNIkK4lGZRNdP4gMO7PTshef5RLccbUO8scTNMMSavH0yumASLGyKUpWu/Ipgrap8XYY=

GET
H2 200 runtime.5a9c255e.js Show response
www.boletonet.com.br/js/ 4 KB
2 KB 280ms
278ms Script
application/javascript 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/js/runtime.5a9c255e.js
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a793c689fed574fe13d99241ca79066446f3f51540572b4b67fcd9e21736db4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boletonet.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 4BJ7HEGH3WMXT4MW
etag: W/"fabb3eb0daa29bd41987e6245d6d9c34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXWGyLLToPeephkrx%2FBuFAwUE%2Fhj4CZ17f5NjgHJzhgpBAcjlVN2btsu%2FyguDzVNAjUnnPX2GzLaXomhiLNbJya51xZlLzNwDxg937DR24RCGkyDatiA0CV4oEXW1tylDSt3TBt0UHxeftM6kufJtNmK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c2b32f18cf318c7-FRA
x-amz-id-2: bE/cHzWOa8/EMLjL8lLwGJHxGEq/KfdFatV/z7DFj8FqEzpd6k2XDBElYuUOKTqTLJSp5qFa55s=

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ 408 KB
164 KB 93ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boletonet.com.br/
Origin: https://www.boletonet.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 15:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167425
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 15:53:33 GMT

GET
H2 200 9.7e06161a.css
www.boletonet.com.br/css/ 64 B
518 B 264ms
264ms Stylesheet
text/css 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/css/9.7e06161a.css
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/js/runtime.5a9c255e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777a3e8f01015131dc59f5836686005d8e67f6eb10cc7e522dbf4741b5c05bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boletonet.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: PMEYE1QKV21GGP2S
etag: W/"770ec7f95c540cc707e463609d53c444"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7q1ijou8F4BFcHSeKvBM1XWLec%2BCsZyvYIpXSuiOQ5wHhLLTgx8q4%2FOTMOgrwekBKGZwyQEU2PAzn6lV6L6CPS3Ockwo2LE89d3Lg3NZURmduEgW8TRRqOxCWro15bLUjiZAIGn6S98D%2BQ1%2FuCH0bXHY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c2b32f7dde818c7-FRA
x-amz-id-2: 0VKVm8Q25korpGGIVhgUGuenVwnGb5F/oITdqD3QSK5fNAsS+A+n80emshmIUGHMbbaspqtOPq8=

GET
H2 200 9.a8a5f174.js Show response
www.boletonet.com.br/js/ 24 KB
17 KB 385ms
385ms Script
application/javascript 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/js/9.a8a5f174.js
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/js/runtime.5a9c255e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7885cd379f42ac6499fd4850e35680cbbf01d6ad134ae425594642ab13d8a6da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boletonet.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: PMENNA336GQNSXD5
etag: W/"c435bf1bd2436df7f56ca9d06f89fc64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvcn3ksYf5qyz8C42A8ExEdLpMSvmzG8QNK%2FS9NyF9lAdmAJNc9Amsf1Hr%2FvbPkHC9s20%2B7w2etzU29isHr8ohrNCVjUz30TPRXHqJJaH8XP8JQGbLAXjRzMZpuFWZcIL8vkK2CY6GUGO5yswnC4Uzfa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c2b32f7ddea18c7-FRA
x-amz-id-2: TNyL8xixDu3OceAzsr2I4Fy2V0WY4pM/93irKdmuNwNCzla7HTLESPtMVryCd9GHLdwOhTcpHaM=

GET
H2

200

invisible.js Show response
www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/ Frame 6B08
Redirect Chain

https://www.boletonet.com.br/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

25 KB
11 KB

35ms
34ms

Script
application/javascript

2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

Requested by

Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/

Protocol

Server

2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f2754bea9c28a16c44214525e0fa8dbcaefbf32d8a4faf1570b5fb5f73947b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Slip4lkcpTQSxYaDpm5zpDC%2F%2FVQKNUkJdhIbmhBRurXQFtmHwgQfhzTMXtj%2F%2FNOL5uBa4ECKlPk%2FdG%2B%2BiexR9iVX6iXs3JcNIk6dwKWJ0ddomzURl3L%2F%2BPnCPUHy%2Bb%2BJBdPQu8EIodkf%2B1IRCjUpGVvd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c2b32f88eb918c7-FRA

Redirect headers

date: Fri, 05 May 2023 18:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7Vxjpnu5%2FgmSS88UGggP8M2ez7fp%2FroAcQD6ePSBJxic2KdOZFBSmIWpnRxi3wa3NUVK4hY6d3fFMqkTAswksQ8r2kn8jWbAu2XUvU2czikdLxY2llt5NAeGzaiALEhsQVhGW%2B4Rq29mC1gSkumIQgz"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7c2b32f83e6418c7-FRA

GET
H2 200 pica.js
www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6B08 6 KB
3 KB 19ms
19ms Other
application/javascript 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c2fa438cb97d0b0f8e4b84a38437aad6bfb5e0d8f83a106888b5ca5d263037

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhKRRlLXdz58jzITso2%2FCP3gdSjE74Ilb8OXuKAdzU9TC7iRCWk62meBZrxlbWDhdukHaqjLlWDgMRTvOZeNrYavNo55E9r6xGYxCFKoFzg6Jb1oS4Yzr5NYWY29iVSTrddt0mSRagEi0h9WuRHvgNTo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c2b32f8bf2018c7-FRA

POST
H2 200 7c2b32efba7218c7 Show response
www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6B08 2 B
523 B 35ms
35ms XHR
text/plain 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/cdn-cgi/challenge-platform/h/g/cv/result/7c2b32efba7218c7
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 May 2023 18:55:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2b32f9e90618c7-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoCwHqUgNnck4j3JtF2UAWvlqRMkb19FP%2BvO6Eh0Qo3%2Fjt7cm%2FI1WV51ggXaqL0lfoCZfZzIjuDkFhSKFfAOG%2F9MxvLdahgUqoi3jQWa1BbRgjvFMWWYspbg0vkxBJ8qfVHwtvRH4GMiQTFDujQlZNYJ"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxM.49ae34d4.woff
www.boletonet.com.br/fonts/ 20 KB
20 KB 375ms
375ms Font
binary/octet-stream 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/fonts/KFOmCnqEu92Fr1Mu4mxM.49ae34d4.woff
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/css/app.968d5f1c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684

Request headers

Referer: https://www.boletonet.com.br/css/app.968d5f1c.css
Origin: https://www.boletonet.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:41 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: P1VFYKAXJR3GGB7T
etag: "60fa3c0614b8fb2f394fa29944c21540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJBfEFwdursvFzOl4wK6XfGgoTyzFyv007Z%2BsWQ2XNM2mNy%2BJl3A6%2B08ZfdJQqoY9aS7hwRWFKVb%2FF9lrUjtjTGJ88%2BnPkjGG3OOYuD15aCUDOIFDf5%2BRf%2FmrwZLQKpsjTTFUW8Vxz1TehqTFnr%2FOA2u"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c2b32f9f91918c7-FRA
content-length: 20268
x-amz-id-2: YEA8H5VlCQS6AM24IInzTvJix0iDERffUwObQVvoyUZSRvmc2qg/EOX6ppXh3f4JhHePyRNe+Wg=

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc-.865f928c.woff
www.boletonet.com.br/fonts/ 20 KB
20 KB 358ms
357ms Font
binary/octet-stream 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/fonts/KFOlCnqEu92Fr1MmSU5fBBc-.865f928c.woff
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/css/app.968d5f1c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b05400fff9da5b43862e3713099e3913916a629560265ed24b19d031227cbf

Request headers

Referer: https://www.boletonet.com.br/css/app.968d5f1c.css
Origin: https://www.boletonet.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:41 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: P1V067R5YNXGVABC
etag: "b00849e00f4c2331cddd8ffb44a6720b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0CfHOBT3ra%2BNQN7%2Fj3teAoqzMStDTt1kV2kw8hJXtPiZJY2MIrgGzL6gM3Gr5Xu8brjmIK%2BwZ38831v2VmibEzwCMPBPCAxlmuJw2FLasWsU2ktKxpgwtsHawui3LbI8BXuKqJU%2FX2zhl3RgN7DBlOH"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c2b32fa79b118c7-FRA
content-length: 20348
x-amz-id-2: ntI+miCAVC7hEQzeQAGpaPYkqJH5wko8UOnRhfjYQkslFTBHENrreeGYDRW3+D7NZ6BdFZtM11U=

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.0b27c5d6.woff2
www.boletonet.com.br/fonts/ 99 KB
99 KB 435ms
435ms Font
binary/octet-stream 2606:4700:20::ac43:4781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boletonet.com.br/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.0b27c5d6.woff2
Requested by: Host: www.boletonet.com.br
URL: https://www.boletonet.com.br/css/app.968d5f1c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5ae8b5819e6f1cf793d182b9e050d45b9293ba60b9f79ad24de4235738cf22a

Request headers

Referer: https://www.boletonet.com.br/css/app.968d5f1c.css
Origin: https://www.boletonet.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:41 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Dec 2021 11:26:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: P1V9EFV6Z0FS48DA
etag: "0b28ad139a4a7d19ca0b55fb7269ac57"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9IStpz0JUe9Nqrtwsso6%2B10Il9BIvn3c%2FQSpoXxIfvxgr%2FCF2kVeBQ5mQTlPG%2B4rj22zzobZlQzFppmDOSvey9gEWZXXfnvJJLS2xXa9ofSc5FLhOS6dbGHEKaDTNlJ6UP5fyRH1aZvC75ObzbVN86F"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c2b32fa79b218c7-FRA
content-length: 101108
x-amz-id-2: j65/v1eZ6cIjsUujVbzRieF1DhjA7QAwiSUM1+elui6ew0xT/0WjReSLFBcT08BqwRkPV/0Bc8Y=

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5DEF 51 KB
28 KB 38ms
37ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdaTO4ZAAAAALKiqBb76C5WuDS0ms4S6DfUeo60&co=aHR0cHM6Ly93d3cuYm9sZXRvbmV0LmNvbS5icjo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=fu7yvtiz2g2f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55a10f3733d79bb6453884ab848bd895ad43bf7cce9aec3df6636110daf95e50

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E7-FDeDsOZ4D3q-l1KQpzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.boletonet.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28657
content-security-policy: script-src 'report-sample' 'nonce-E7-FDeDsOZ4D3q-l1KQpzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 18:55:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81b7b6553d0bfc90ca8fde7eb74f535ba21e8dd9959823947a2029b11ba9dbf7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42a719386f614dbae73bbc283d10194598f211fe6cf73f610be08bf10c66e044

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 5DEF 55 KB
24 KB 20ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdaTO4ZAAAAALKiqBb76C5WuDS0ms4S6DfUeo60&co=aHR0cHM6Ly93d3cuYm9sZXRvbmV0LmNvbS5icjo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=fu7yvtiz2g2f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 18:40:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 5DEF 408 KB
164 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 15:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167425
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 15:53:33 GMT

GET
DATA 200
OK truncated
/ Frame 5DEF 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5DEF 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5DEF 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:52:14 GMT
x-content-type-options: nosniff
age: 500607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 06 May 2023 23:52:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5DEF 15 KB
16 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 502026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 23:28:35 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5DEF 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad10a96d76d0545db3cd7ef7c37e917d5ee9f8bc9807a4bc59faa8e527f72a1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdaTO4ZAAAAALKiqBb76C5WuDS0ms4S6DfUeo60&co=aHR0cHM6Ly93d3cuYm9sZXRvbmV0LmNvbS5icjo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=fu7yvtiz2g2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 05 May 2023 18:55:41 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3450 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LdaTO4ZAAAAALKiqBb76C5WuDS0ms4S6DfUeo60

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

786c0c9fada033384911a3a43791370754bd6a022580db29bf0f7e0a0d32961f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IutY3QddRLNNh6I2lIemVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.boletonet.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1153
content-security-policy: script-src 'report-sample' 'nonce-IutY3QddRLNNh6I2lIemVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 18:55:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 3450 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LdaTO4ZAAAAALKiqBb76C5WuDS0ms4S6DfUeo60

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 18:40:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 3450 408 KB
164 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LdaTO4ZAAAAALKiqBb76C5WuDS0ms4S6DfUeo60

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 15:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167425
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 15:53:33 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.boletonet.com.br/	1970-01-20 11:35:14	Name: __cf_bm Value: rO7KBCWmW4xKVoh1393Qe7CB4MCFO.T_vS9qNtfdaU4-1683312941-0-AQ3Zj/zO/rnhdN22QvRgugDB5gANDjDfbL+6SsF0L1aDAK+eApCvNsBQaXSzUlUrW29RPpFs2optlYZ2lTj4I6TI5SQhAUrPH1LYMvEiaKvS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boletonet.com.br
fonts.gstatic.com
www.boletonet.com.br
www.google.com
www.gstatic.com
2606:4700:20::ac43:4781
2a00:1450:4001:800::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2003
038d5db7f0bbb0180d5f7aa3c8b241bf5f8b5bd4b54ae9710c5783ee67ed9a8f
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3a4845548cf9e6fdfc877ea3edfd3cc209607e104cee5468699ae08cdee6693b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42a719386f614dbae73bbc283d10194598f211fe6cf73f610be08bf10c66e044
438055197241dfc48f6b736720ac0d0347d0777b2e2643723fc563371b85a646
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4f3209e5481f170ee1f5afb067a4db7058da5f9338a8bc32a7535327b67a98b7
55a10f3733d79bb6453884ab848bd895ad43bf7cce9aec3df6636110daf95e50
6f2754bea9c28a16c44214525e0fa8dbcaefbf32d8a4faf1570b5fb5f73947b6
74c2fa438cb97d0b0f8e4b84a38437aad6bfb5e0d8f83a106888b5ca5d263037
76b05400fff9da5b43862e3713099e3913916a629560265ed24b19d031227cbf
777a3e8f01015131dc59f5836686005d8e67f6eb10cc7e522dbf4741b5c05bb6
7863cecaa7ea21068412e699dfb0f5f3f00558d4bfbe039effa94332b214bfad
786c0c9fada033384911a3a43791370754bd6a022580db29bf0f7e0a0d32961f
7885cd379f42ac6499fd4850e35680cbbf01d6ad134ae425594642ab13d8a6da
81b7b6553d0bfc90ca8fde7eb74f535ba21e8dd9959823947a2029b11ba9dbf7
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a793c689fed574fe13d99241ca79066446f3f51540572b4b67fcd9e21736db4d
ad10a96d76d0545db3cd7ef7c37e917d5ee9f8bc9807a4bc59faa8e527f72a1b
b5ae8b5819e6f1cf793d182b9e050d45b9293ba60b9f79ad24de4235738cf22a
c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684

www.boletonet.com.br Open in urlscan Pro 2606:4700:20::ac43:4781 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

100 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

1341 kBTransfer

4234 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.boletonet.com.br Open in urlscan Pro
2606:4700:20::ac43:4781 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

100 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

1341 kB
Transfer

4234 kB
Size

1
Cookies

24 HTTP transactions
4 data transactions