urlscan.io logo urlscan.io
SecurityTrails logo

segundaviadeboletos.com.br Open in urlscan Pro
172.67.173.245  Public Scan

Go To Rescan Add Verdict Report
URL: https://segundaviadeboletos.com.br/
Submission: On August 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 7 domains to perform 51 HTTP transactions. The main IP is 172.67.173.245, located in United States and belongs to CLOUDFLARENET, US. The main domain is segundaviadeboletos.com.br.
TLS certificate: Issued by WE1 on July 31st 2024. Valid for: 3 months.
This is the only time segundaviadeboletos.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3033::6815:1edb (United States)

ASN13335 (CLOUDFLARENET, US)
segundaviadeboletos.com.br
16    172.67.173.245 (United States)

ASN13335 (CLOUDFLARENET, US)
segundaviadeboletos.com.br
4    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
pagead2.googlesyndication.com
1    2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    142.251.40.196 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f4.1e100.net
www.google.com
1    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
cse.google.com
2    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.251.35.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
ep1.adtrafficquality.google
2    2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
25 segundaviadeboletos.com.br
segundaviadeboletos.com.br
183 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 10
cse.google.com — Cisco Umbrella Rank: 5849
107 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
194 KB
2 adtrafficquality.google
ep1.adtrafficquality.google
ep2.adtrafficquality.google
20 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 Failed
103 KB
51 7
Domain Requested by
25 segundaviadeboletos.com.br segundaviadeboletos.com.br
5 www.google.com 1 redirects www.google.com
ep2.adtrafficquality.google
4 pagead2.googlesyndication.com segundaviadeboletos.com.br
pagead2.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 tpc.googlesyndication.com ep2.adtrafficquality.google
1 ep2.adtrafficquality.google pagead2.googlesyndication.com
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 cse.google.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com segundaviadeboletos.com.br
51 10

This site contains no links.

Subject Issuer Validity Valid
segundaviadeboletos.com.br
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
adtrafficquality.google
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://segundaviadeboletos.com.br/
Frame ID: 566987DB7B5EA2756D64B13FF01A60D2
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240827/r20110914/zrt_lookup_fy2021.html
Frame ID: 67AAEF14545E3EE32AC0E4A55435D910
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8406735898692650&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1724989564&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=https%3A%2F%2Fsegundaviadeboletos.com.br%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724989563401&bpp=8&bdt=1009&idt=803&shv=r20240827&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5821467999675&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31086546%2C95338229%2C95341664%2C31086140&oid=2&pvsid=976756207035470&tmod=234043608&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fsegundaviadeboletos.com.br%2F&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=850
Frame ID: 58CDD629424AB6C63DA81736F68924A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E7C5FAA6DE788C5B640FE6A010DC030
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4437F8144625541272A7C6803A23E7C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

-

Page URL History Show full URLs

  1. https://segundaviadeboletos.com.br/ Page URL
  2. https://segundaviadeboletos.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

78 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

11
IPs

1
Countries

607 kB
Transfer

2269 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://segundaviadeboletos.com.br/ Page URL
  2. https://segundaviadeboletos.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://www.google.com/cse/cse.js?cx=41199a37e3d864dd6 HTTP 301
  • https://cse.google.com/cse/cse.js?cx=41199a37e3d864dd6

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
segundaviadeboletos.com.br/ 		66 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7886a90c426251db7ee0f709956a2065cd7758fac5fa102d8af8199a5ace544f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bb1ca893d877ecf-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 03:46:00 GMT
link
<https://segundaviadeboletos.com.br/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N2IxNu7bjOX%2BZoid6ZvVnLwYw%2FzXskLTfai9Vy273zN8BpsHMoIv8SMtLzr0a3y6Tszf9k21aODlHN3c62YT1GAeIExQbc5%2F9ddcLyo63v0kNMx7tribGZOC7%2F6MHsIiHMKEBfn%2FS0mGP1TtYXC6CR0Qbwfj9lWRiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
b12_HTTP.200,b12_home,b12_URL.6666cd76f96956469e7be39d750cc7d9,b12_F,b12_guest,b12_,b12_UCSS.bb011d2f86510b43f16092b0d76a1b49,b12_MIN.d2fe6e7ae9c96fae935e64bffefd1756.css,b12_MIN.81695419e53aec0bd10b1fa3985cd044.js
d2fe6e7ae9c96fae935e64bffefd1756.css
segundaviadeboletos.com.br/wp-content/litespeed/css/ 		230 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/litespeed/css/d2fe6e7ae9c96fae935e64bffefd1756.css?ver=91d82
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7885699afa61589c0ea34f5c75f4779675b76b84d98d4ff86ca90063e9c020a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 30 Aug 2024 03:46:00 GMT
server
cloudflare
etag
"396ba-66d14078-8a94ef;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84L0XlXIRSFZoPuEi5aAX19tTl4Z76ysmrxt%2BiQpqo7J4ezACOEl3D9xYlkpwDhxZEOMuH%2FR2vUPEMtKbomwNqzFP7TjJsYh0S2Z9yTIFFTMt7C7CRcC0j%2BpNKFJ8FYvQnh1QAzoKr4Jzc9lqrk94V%2Bk%2BRHlfwviXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
cf-ray
8bb1ca904ce97ecf-LAX
expires
Fri, 06 Sep 2024 03:46:00 GMT
style-frontend-pro.css
segundaviadeboletos.com.br/wp-content/plugins/social-pug/assets/dist/ 		108 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/social-pug/assets/dist/style-frontend-pro.css?ver=1.34.3
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4ab785dd5b7051b7b079399ebeaba1e2898dbb9b6f99d2b6867b1e72e319de7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=110485
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 16 Jul 2024 16:42:11 GMT
server
cloudflare
etag
W/"1af95-6696a2e3-58283c;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRoAfU%2BHDPPyWdGWlv3nHerML6c6POrOfFyhPy%2BOVKvcFPGbyemUSkbu2jInPQbrsBVVE3xhjzmllDSnjzt0Gi3IjPmAKEH%2BiHyNm552bRRw8bHfnXrZMm2IHmee4JeaMddTBIkR1Whlq7e5pZz4Hbz6LKwN1MHGFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
cf-ray
8bb1ca904cea7ecf-LAX
expires
Sun, 01 Sep 2024 22:10:46 GMT
rocket-loader.min.js
segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2024 19:10:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"66ce24be-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQ1YfUwE7eYWr1YMLraKYkp9nlA2EvUkPzDYvDcUQR%2BaHpoW7gO6xYHljqNAPnK3HKx6Qi5mobcpjpgLEfy9lcskwy3N6m82UbyHqijj1GNFIQ5DqJUA3jKvCfU78wZilzc4dxEUu3IG5aZ9NTrNj%2Bs%2BcyIpualC6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8bb1ca907d277ecf-LAX
expires
Sun, 01 Sep 2024 03:46:00 GMT
truncated
/ 		165 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9adf7f700b5b47625515ed8a260c9f82d0b4be0e18f14f16edc7395706dd806a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		169 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf001ca6ac5d190dee4df02bdbdcd229bab94581e47207c67d85032e7688dfe8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
instant_click.min.js
segundaviadeboletos.com.br/wp-content/plugins/litespeed-cache/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=6.4.1
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3d0e8b3eeb7ba127f9a3fa28f85a045e502f1b3740740c8464ee70d65588e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sun, 25 Aug 2024 22:18:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"1210-66cbad9b-5a5a1e;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5aFeDVYKI6ir7pFyOc58JSHuzvM9uPWiVPKTkJuXLiDwtGoIRzWq8RONGONrsph7CfBABTsJ8Smoht%2F7BQeQwHdvQgCvV62KZiSmxzu7%2BxqBIXmfS1GS2twgN8PRct%2FQV31dCcgzAGsRVT6%2BT%2FOK80dRGqJg2nXPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1ca922f187ecf-LAX
alt-svc
h3=":443"; ma=86400
guest.vary.php
segundaviadeboletos.com.br/wp-content/plugins/litespeed-cache/ 		16 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kjAilaO3ZHm6c7bFlMZ6aMP%2BfCtF46HrdcSZd%2BpbqiK58RCn1fXdqP0Im%2B4jhSvWcRxalrVcNRFmuhqF2O%2Fi%2FSYRwjobPaMtKWCXaNXbUS0SZc2GWKK27yGHuei8e0mTYja0fVh3cw62yEramogUPBnoPPraT23qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-litespeed-cache-control
no-cache
x-robots-tag
noindex
alt-svc
h3=":443"; ma=86400
cf-ray
8bb1ca93f9927ecf-LAX
cropped-segundaviadeboleto-250x84.png
segundaviadeboletos.com.br/wp-content/uploads/2024/07/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segundaviadeboletos.com.br/wp-content/uploads/2024/07/cropped-segundaviadeboleto-250x84.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
17894
last-modified
Sun, 07 Jul 2024 21:57:00 GMT
server
cloudflare
etag
"45e6-668b0f2c-583417;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSQAXyHwFm6ODUJpnvvI5FrKjOl%2Bj3qUQrMGrpnDGD87iM7JCH%2FXsJW1EVEQpBMcMN9j3X2YpN1LJq%2BK1GakHBCJCMNOVF1%2FFeJLoQP1vx1EMSHbJosaGtCYpFu8WSw8VPc0%2FoTemduWebHMrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
8bb1ca94199b1029-LAX
expires
Sun, 01 Sep 2024 22:25:50 GMT
boleto-registrado-em-sao-paulo-sp-1024x576.jpg
segundaviadeboletos.com.br/wp-content/uploads/2022/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segundaviadeboletos.com.br/wp-content/uploads/2022/12/boleto-registrado-em-sao-paulo-sp-1024x576.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
23464
last-modified
Mon, 09 Jan 2023 20:42:53 GMT
server
cloudflare
etag
"5ba8-63bc7c4d-5832c8;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSzWUjZGcEGlZzjdlnRGWKcIRxGOAqOOkkc60M7%2FgiQIfGNdLlLwkiza3LDQKm8xUhRIEIQru69mZ3zLQPDsifpUg3kYlbgThirDeBu5WAQkkTFuibk1orytA1hZqzoLljLpwglBmQmzGCliVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
8bb1ca9419a01029-LAX
expires
Sun, 01 Sep 2024 22:25:50 GMT
cropped-Logotipo-para-Blogs-Icone-Amarelo-e-Preto-32x32.png
segundaviadeboletos.com.br/wp-content/uploads/2024/08/ 		899 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/uploads/2024/08/cropped-Logotipo-para-Blogs-Icone-Amarelo-e-Preto-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
899
last-modified
Thu, 29 Aug 2024 18:10:31 GMT
server
cloudflare
etag
"383-66d0b997-58e56c;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzAwbnwUM%2BDymUupra4640HvItdClNWDbbFz2hg8xlOQ5BulApIHIncdLkFFjTGyCKp5R4nfQnN%2BUZ7grRp67QZ8pBOo0T7GUPFdgUDR0H1NDkRXbe4CKgvwuRjNlpQf63JfxyjcAmdOqeTE8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
8bb1ca9419a21029-LAX
expires
Thu, 05 Sep 2024 18:10:31 GMT
Primary Request /
segundaviadeboletos.com.br/ 		71 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947e6a94c5458231108e368eee6cbc0cf304c8f28d30b887dc717850fd64a244
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bb1ca959bda1029-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 03:46:02 GMT
link
<https://segundaviadeboletos.com.br/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzc4DikHWvqaJtIDDA4KGrsgQ0BWSRcEUNiCc1LKKAq60tiMWjnF4PrB71y%2FsZfHOhVB1G8qPz58j1%2BW8xyW3yByZO5brafbfxJCzNH1GtmrG6IU3WeQOwRyRdJwCwOnpm1Pva4SjCQr1yE2vg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
b12_HTTP.200,b12_home,b12_URL.6666cd76f96956469e7be39d750cc7d9,b12_F,b12_,b12_MIN.03f989feb1342a8bfdfeff41b962fa99.css
03f989feb1342a8bfdfeff41b962fa99.css
segundaviadeboletos.com.br/wp-content/litespeed/css/ 		230 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/litespeed/css/03f989feb1342a8bfdfeff41b962fa99.css?ver=91d82
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2785dc556d32ec8b9e502ecdae9d5bcd840e5ec6b0bd715e061aa40aa64012b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 30 Aug 2024 03:46:02 GMT
server
cloudflare
etag
"397be-66d1407a-8a94f0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Dkpz1sIlwyVFcNNNJma%2BdxZJRuqDD1PFQfhc3ZxgcqzrKsH2wkAigxaSTJKUtg8jP63HI1oKwas9Ypz1U9aqUjeyet28qZcHVJKqqp9tHlAoKScNXhByyUMydhp4gnlqotjsizMLyfWJhzvcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
cf-ray
8bb1ca9d3dfa1029-LAX
expires
Fri, 06 Sep 2024 03:46:02 GMT
style-frontend-pro.css
segundaviadeboletos.com.br/wp-content/plugins/social-pug/assets/dist/ 		108 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/social-pug/assets/dist/style-frontend-pro.css?ver=1.34.3
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4ab785dd5b7051b7b079399ebeaba1e2898dbb9b6f99d2b6867b1e72e319de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=110485
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 16 Jul 2024 16:42:11 GMT
server
cloudflare
etag
W/"1af95-6696a2e3-58283c;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRoAfU%2BHDPPyWdGWlv3nHerML6c6POrOfFyhPy%2BOVKvcFPGbyemUSkbu2jInPQbrsBVVE3xhjzmllDSnjzt0Gi3IjPmAKEH%2BiHyNm552bRRw8bHfnXrZMm2IHmee4JeaMddTBIkR1Whlq7e5pZz4Hbz6LKwN1MHGFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
cf-ray
8bb1ca904cea7ecf-LAX
expires
Sun, 01 Sep 2024 22:10:46 GMT
rocket-loader.min.js
segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2024 19:10:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"66ce24be-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQ1YfUwE7eYWr1YMLraKYkp9nlA2EvUkPzDYvDcUQR%2BaHpoW7gO6xYHljqNAPnK3HKx6Qi5mobcpjpgLEfy9lcskwy3N6m82UbyHqijj1GNFIQ5DqJUA3jKvCfU78wZilzc4dxEUu3IG5aZ9NTrNj%2Bs%2BcyIpualC6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8bb1ca907d277ecf-LAX
expires
Sun, 01 Sep 2024 03:46:00 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0cc5ab68993abc8854ea632c9d48e87d49233699efb76a1c9367dc4c6fc023a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		313 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61c519e995be939bd16d1e8230c08e7a4b35f811a021dbdf671377a6f8efe718

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		324 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae9de52233685161ea61d4d2125cfdc5173e6b1a7fbeec4acd0a6f593c1e2458

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
hcaptcha-spectra.min.js
segundaviadeboletos.com.br/wp-content/plugins/hcaptcha-for-forms-and-more/assets/js/ 		0
0
hcaptcha.js
segundaviadeboletos.com.br/wp-content/plugins/hcaptcha-for-forms-and-more/assets/js/apps/ 		0
0
truncated
/ 		144 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dbbe788d942eb02719025ea194bedb1578d798d7a2af18127ce3d3d6fcc5fa0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
instant_click.min.js
segundaviadeboletos.com.br/wp-content/plugins/litespeed-cache/assets/js/ 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=6.4.1
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3d0e8b3eeb7ba127f9a3fa28f85a045e502f1b3740740c8464ee70d65588e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sun, 25 Aug 2024 22:18:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"1210-66cbad9b-5a5a1e;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5aFeDVYKI6ir7pFyOc58JSHuzvM9uPWiVPKTkJuXLiDwtGoIRzWq8RONGONrsph7CfBABTsJ8Smoht%2F7BQeQwHdvQgCvV62KZiSmxzu7%2BxqBIXmfS1GS2twgN8PRct%2FQV31dCcgzAGsRVT6%2BT%2FOK80dRGqJg2nXPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1ca922f187ecf-LAX
alt-svc
h3=":443"; ma=86400
index.js
segundaviadeboletos.com.br/wp-content/plugins/contact-form-7/includes/js/ 		0
0
truncated
/ 		122 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b938e7c334cfbed33a02861fb0a51bf151ba518404862ae035374b184e62e53

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
index.js
segundaviadeboletos.com.br/wp-content/plugins/contact-form-7/includes/swv/js/ 		0
0
truncated
/ 		58 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94c4eed60653e14337c021261a52581e9b6f93ae9ba512912ca30ce656b3ac64

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
i18n.min.js
segundaviadeboletos.com.br/wp-includes/js/dist/ 		0
0
hooks.min.js
segundaviadeboletos.com.br/wp-includes/js/dist/ 		0
0
frontend.min.js
segundaviadeboletos.com.br/wp-content/themes/astra/assets/js/minified/ 		0
0
truncated
/ 		156 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fa19feb446718812bfbc1f30bd91e18994f90db5fc7497bf7915bf4b3cf22b9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
google_cse_v2.js
segundaviadeboletos.com.br/wp-content/plugins/wp-google-search/assets/js/ 		0
0
truncated
/ 		64 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f43e182c2ae1f34ba1aa1c73be20218768c53ab6b4ea364682c502fabfdad52d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1002 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75bfd4f6620cbc8b1ce25415484ea2d7e3a782a030474df5d581bff58cdb8b12

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8406735898692650
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
6281c463b446297087c6e9bd3e6c82d4824419a822e6d7cb5939e7c246aa84c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
Origin
https://segundaviadeboletos.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52228
x-xss-protection
0
server
cafe
etag
8881016641560189625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 30 Aug 2024 03:46:03 GMT
truncated
/ 		233 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6307ea6e3e698b2b8d75746b19de1ad31a8df93949c1cde2eb8f6c26317c1e1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		0
0
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69a296d661588d06f41ea37d2b9483c9d894516a7487149af73da7a41359c1d0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
cropped-Logotipo-para-Blogs-Icone-Amarelo-e-Preto-32x32.png
segundaviadeboletos.com.br/wp-content/uploads/2024/08/ 		899 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/uploads/2024/08/cropped-Logotipo-para-Blogs-Icone-Amarelo-e-Preto-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ff088ef3bf5c89fe480fb80afa236ba98404b7b63131ec8fb580bd8af375bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
899
last-modified
Thu, 29 Aug 2024 18:10:31 GMT
server
cloudflare
etag
"383-66d0b997-58e56c;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzAwbnwUM%2BDymUupra4640HvItdClNWDbbFz2hg8xlOQ5BulApIHIncdLkFFjTGyCKp5R4nfQnN%2BUZ7grRp67QZ8pBOo0T7GUPFdgUDR0H1NDkRXbe4CKgvwuRjNlpQf63JfxyjcAmdOqeTE8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
8bb1ca9419a21029-LAX
expires
Thu, 05 Sep 2024 18:10:31 GMT
js
www.googletagmanager.com/gtag/ 		309 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-PHRCGWV8
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5543830f907f932a14f8dbab2fa6a0fb735975a7dc39bfd35d30f44b8cdbe68a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104642
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Aug 2024 03:46:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/ 		428 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8406735898692650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
17332508b37924994dab276d6132d9115130f419a4079c96576e38441ad3e2ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146395
x-xss-protection
0
server
cafe
etag
4884065486331406290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Aug 2024 03:46:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759876%2C44759927%2C44759837%2C31086546%2C95338229%2C95341664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 03:46:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YMX9V1KW8L&gtm=45Pe48s0v9180489666za200&_p=1724989563598&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&gdid=dZTNiMT&cid=104344424.1724989564&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724989563&sct=1&seg=0&dl=https%3A%2F%2Fsegundaviadeboletos.com.br%2F&dr=https%3A%2F%2Fsegundaviadeboletos.com.br%2F&dt=-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2450
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-PHRCGWV8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 03:46:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://segundaviadeboletos.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google_cse_v2.js
segundaviadeboletos.com.br/wp-content/plugins/wp-google-search/assets/js/ 		333 B
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699d4828c42481ca941e4faf8ffa28d0e08f30044d54b41af5a8d9bde16dcddd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
cf-polished
origSize=468
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 05:15:31 GMT
server
cloudflare
etag
W/"1d4-63c8d1f3-582d8b;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=osNfSYaD%2FoEBAyyDGKWYiKQw8BzeRIhi2zCFz%2BpjaA2cCKMOxHLGQD%2BdlG1YVH012t0m8vyTh3n%2BXrS0wD8I7Q8bdAEc9yeh0MokIWhhfU2ApPvCdPbBIAJa%2Bli%2F8AUF7579PVrNEdjZYPr9Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1caa4da0c1029-LAX
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=41199a37e3d864dd6
  • https://cse.google.com/cse/cse.js?cx=41199a37e3d864dd6
6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/cse.js?cx=41199a37e3d864dd6
Protocol
H2
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e8e2503c0efae58135253ff5812b0d124c0aa999e76bf322eab2e3d0144fa974
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-ZxXr1R-N9sLmdS4SrbWWrQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-ZxXr1R-N9sLmdS4SrbWWrQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Fri, 30 Aug 2024 03:46:04 GMT
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=()
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2426
x-xss-protection
0

Redirect headers

date
Fri, 30 Aug 2024 03:46:04 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=41199a37e3d864dd6
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
expires
Fri, 30 Aug 2024 04:16:04 GMT
frontend.min.js
segundaviadeboletos.com.br/wp-content/themes/astra/assets/js/minified/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.8.0
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7d107ff526497197857d49dfe2b6a84d99c97e56facc7b57bef4776d4c4ca2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 25 Aug 2024 22:20:00 GMT
server
cloudflare
etag
W/"5b1a-66cbae10-5a612c;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BiJ6xUFbB9XR72WzjELaGdFrgBLlqmp3wYLCuTz%2BirO626ngOU%2FmC0yGZToWMo7oVYoVZA6WFxEhGc3nzMeIEal5dDYlcTph1oDL80vpETOx6oUu2MfQVvtOJFFc9uCoY0EOD1X%2BvwZ67EUBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1caa56af01029-LAX
hooks.min.js
segundaviadeboletos.com.br/wp-includes/js/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 14:29:18 GMT
server
cloudflare
etag
W/"10d3-660eb93e-5a0612;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A26%2FQ7ZqNHyfY6Cc81KaRNLjik8bF0oPQzrfxDan7xGQzJCvnRWVXlB1FO3Bn4NbipA%2B%2BQo1Hqp3PRpqlXAx87wPBJ9GTXg3Kf%2BSN6uECub7d%2BInT%2BkweVhoEtM6a7vknMEhQGaei4VmCaYisg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1caa61bf21029-LAX
i18n.min.js
segundaviadeboletos.com.br/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 14:29:19 GMT
server
cloudflare
etag
W/"23b5-660eb93f-5a0616;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VjveEGLdKGGRjdk1OWNENl8UjnrIsNa0Up0TedOzZKwCXV2sn5mimxupYAdCcT2MxTKiq98scQ2ICr2F%2FHIGDhaShD1hso5pYn%2Bu%2BzPeYX4i%2BsJUtZ18pCG25uEEMh2NEIHg%2B4jzz6TM%2FgbuQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1caa6acd31029-LAX
index.js
segundaviadeboletos.com.br/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.8
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 16:41:10 GMT
server
cloudflare
etag
W/"2cf9-66a28026-5814de;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kp9ZRMK5vgZ39r6TyXAw6UYn3UXfvYEnQ%2FyLFqjQts2c93riS6R1ZZjbmVN6228q53DwO3J%2BIOoVOhor%2Fr4jUHkJDtxbLHheIvFKgYsB5pyScU87O6Ixp3Hyf3p8yjmGThOTJalk4tvDzVHm%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1caa73d931029-LAX
index.js
segundaviadeboletos.com.br/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.8
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 16:41:10 GMT
server
cloudflare
etag
W/"346f-66a28026-5814c6;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0il7DI%2BreR6Ndd37Y5h9vzG3P09REB6%2BE3GIUl79xVSfhIFCIPXb4mV%2BvMj2jbb9G1AEJYQa1E6s5FGxvhXG%2FaqAzjOWf8Pp1mrRDXXGXs4%2BJg%2BAQsaaOLHQCyqmQ%2F0cHM7HtTD9RrzQUrCLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1caa7ce691029-LAX
hcaptcha.js
segundaviadeboletos.com.br/wp-content/plugins/hcaptcha-for-forms-and-more/assets/js/apps/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/hcaptcha-for-forms-and-more/assets/js/apps/hcaptcha.js?ver=4.5.0
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb3dc26653b13849e070366a67323cd39bc8d9ad4f517c5dcb25972244f2a4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Aug 2024 15:50:12 GMT
server
cloudflare
etag
W/"1fa5-66d098b4-8a7ce9;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWiYSo1Mb%2BC0DwEcE6wG%2F4dXFzDBad%2FWN0KT%2F7g1V3eVaYM27FTwL5pzaUIYkw6YGqT9rD72DxehPf9o4U%2BSj3OW7HW2yna0zT3oDCWQjqv4Ki3I18K1Tq060xNlf%2FruMS4CJj7OrCDKjxMX9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1caa85f261029-LAX
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759876%2C44759927%2C44759837%2C31086546%2C95338229%2C95341664%2C31086140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 03:46:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240827/r20110914/ Frame 67AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240827/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
1458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 03:21:46 GMT
etag
5947459844715414650
expires
Fri, 13 Sep 2024 03:21:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 58CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8406735898692650&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1724989564&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=https%3A%2F%2Fsegundaviadeboletos.com.br%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724989563401&bpp=8&bdt=1009&idt=803&shv=r20240827&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5821467999675&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31086546%2C95338229%2C95341664%2C31086140&oid=2&pvsid=976756207035470&tmod=234043608&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fsegundaviadeboletos.com.br%2F&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=850
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 03:46:04 GMT
expires
Fri, 30 Aug 2024 03:46:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hcaptcha-spectra.min.js
segundaviadeboletos.com.br/wp-content/plugins/hcaptcha-for-forms-and-more/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segundaviadeboletos.com.br/wp-content/plugins/hcaptcha-for-forms-and-more/assets/js/hcaptcha-spectra.min.js?ver=4.5.0
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a051c9a17118715a90ba46ee85c958444e101dfed6f8263a30dddb6b84ed1834
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 29 Aug 2024 15:50:12 GMT
server
cloudflare
etag
W/"1f61-66d098b4-8a7d1f;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IaPqx%2FbFZY4Geb1ylfvQkdyLWkQeLUXD4IKeE%2BNp7VEptxXPDlXo%2FOk0%2B6iCsSU0zcYRxKZZGKk0Coqc5VKSnyIEQM4G%2FpAlzCXjY0b8D4wCrC5HxoQaaDSDFLAl7QU5MDeTEU1MIS8uEeoQ1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=16070400
cf-ray
8bb1caa8f8031029-LAX
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20240827&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
ac2be6ba48333bc2871bea7293a6fa49d3b9d8ddfef6c074b99e33b05fe7a550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13209
x-xss-protection
0
cropped-segundaviadeboleto-250x84.png
segundaviadeboletos.com.br/wp-content/uploads/2024/07/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segundaviadeboletos.com.br/wp-content/uploads/2024/07/cropped-segundaviadeboleto-250x84.png
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c7c5fbdcbb6eaef71169e34095fbfa89b0708ae016a6e7294ff86847373188
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
17894
last-modified
Sun, 07 Jul 2024 21:57:00 GMT
server
cloudflare
etag
"45e6-668b0f2c-583417;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSQAXyHwFm6ODUJpnvvI5FrKjOl%2Bj3qUQrMGrpnDGD87iM7JCH%2FXsJW1EVEQpBMcMN9j3X2YpN1LJq%2BK1GakHBCJCMNOVF1%2FFeJLoQP1vx1EMSHbJosaGtCYpFu8WSw8VPc0%2FoTemduWebHMrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
8bb1ca94199b1029-LAX
expires
Sun, 01 Sep 2024 22:25:50 GMT
boleto-registrado-em-sao-paulo-sp-1024x576.jpg
segundaviadeboletos.com.br/wp-content/uploads/2022/12/ 		23 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segundaviadeboletos.com.br/wp-content/uploads/2022/12/boleto-registrado-em-sao-paulo-sp-1024x576.jpg
Requested by
Host: segundaviadeboletos.com.br
URL: https://segundaviadeboletos.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee72ab954ce5b1ace61c14a0e18449cb4df717054af341e9f2c117580e2df27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
23464
last-modified
Mon, 09 Jan 2023 20:42:53 GMT
server
cloudflare
etag
"5ba8-63bc7c4d-5832c8;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSzWUjZGcEGlZzjdlnRGWKcIRxGOAqOOkkc60M7%2FgiQIfGNdLlLwkiza3LDQKm8xUhRIEIQru69mZ3zLQPDsifpUg3kYlbgThirDeBu5WAQkkTFuibk1orytA1hZqzoLljLpwglBmQmzGCliVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
8bb1ca9419a01029-LAX
expires
Sun, 01 Sep 2024 22:25:50 GMT
cse_element__en.js
www.google.com/cse/static/element/8fa85d58e016b414/ 		286 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=41199a37e3d864dd6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f4.1e100.net
Software
sffe /
Resource Hash
d480de66b420ea6afb356fe87de6fe62f5cbbd08662f077ff2edae95a2b900df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95840
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 30 Aug 2024 03:46:04 GMT
default+en.css
www.google.com/cse/static/element/8fa85d58e016b414/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=41199a37e3d864dd6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f4.1e100.net
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9068
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 30 Aug 2024 03:46:04 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=41199a37e3d864dd6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f4.1e100.net
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 30 Aug 2024 03:57:06 GMT
sodar2.js
ep2.adtrafficquality.google/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 03:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 03:46:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E7C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
75
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 03:44:50 GMT
expires
Sat, 30 Aug 2025 03:44:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4437 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6YjRlZjKSpEg7p2YKyFj4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://segundaviadeboletos.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6YjRlZjKSpEg7p2YKyFj4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 03:46:05 GMT
expires
Fri, 30 Aug 2024 03:46:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
segundaviadeboletos.com.br
URL
https://segundaviadeboletos.com.br/wp-content/plugins/hcaptcha-for-forms-and-more/assets/js/hcaptcha-spectra.min.js?ver=4.5.0
Domain
segundaviadeboletos.com.br
URL
https://segundaviadeboletos.com.br/wp-content/plugins/hcaptcha-for-forms-and-more/assets/js/apps/hcaptcha.js?ver=4.5.0
Domain
segundaviadeboletos.com.br
URL
https://segundaviadeboletos.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.8
Domain
segundaviadeboletos.com.br
URL
https://segundaviadeboletos.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.8
Domain
segundaviadeboletos.com.br
URL
https://segundaviadeboletos.com.br/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Domain
segundaviadeboletos.com.br
URL
https://segundaviadeboletos.com.br/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Domain
segundaviadeboletos.com.br
URL
https://segundaviadeboletos.com.br/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.8.0
Domain
segundaviadeboletos.com.br
URL
https://segundaviadeboletos.com.br/wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=GT-PHRCGWV8
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240827&jk=976756207035470&bg=!0dKl0p3NAAakh3bWhIc7ADQBe5WfOLQzmJTrdhOMLeuo53NMiG4-ckMs5aqxo-jZSX7x4D9hMkLnEccz4i55fPfq9KKaAgAAAFpSAAAABGgBB34ANsAEscvMEiIPmQoVj2n2lGXzrgufucpnYWO8AcwB1oqOhlNbuTfyzJK62PeMPOgRX7-YX_WmwQoAGyFWFVwr5m267GxKDD4grV2NR72lS3M-GIvLHZkCyR5bJmp84PneWEJdeAr2qiiDwhamKzhq08gP8rJSBpa2VkMvItpyROMRkNpODUi4gD8Ogh6mO93u-g6_l0GAd4_-KJo796m166Wr0YLQ5Jq00FmO6ar5aHIOsk41bHYDWTRYRtJGXJkCpM36hG4D_dCmLYDHR84cigs5c5vEVKx9ojXZp1TyGVaxd-w4aHrhxLt4oPlf5WQrU2EykSCHSxjzRNo5nrUZWNWSkEwG1AltZrHo5ZKhpmy_V1GzIhrZxtNZAMu6TDdT9ge58tCUbSu5foDig4oV8pEFbWbIrNPBE6iL6Mw2hIjpTV_uFtAtKprqHRdaVY_B2rNNGS2f-gdY_6bXEPD0qq6jYgGuavex2MBVpXm_OE4_mDamk3PFZlWNlj08Rr9FdIrwLeY43q9df0iFjYEGmFGt8Dmqoon-fpwFyZrxEA1digQDNHpIAlWi9kNVBNuuaPXsPSUQ15tIT8H7vU_FPIjtvkShU6gwlpYSYzfvCGlu8UMDwG38035QdCnJlsMlCst29aGJdJk0ql87N1PbxmwxRXJR2JZMrNUwfj9C1LQJNS-8qG5uwz6DJno7G5MiCDbNuk27O4a6JWzP21ulGlpHEubOUVZA7zI1oAxglQ6gOzA6_4vrTtjnlXYgM2E7B__5GrPnPRBN_1ctjEVmcicCLYEPRVcio0hzy1iCA9S8vOjxDyRnUs5zjsY3KAQloCI0fjRSyw1UPBUybe5R2q_dfzAjIE90RlZ6oL1WhhMSTd_qUiw_ty4HejT9UqKwNHFO8RweGZHXukPlHLsznDDBLBIHJCiSVn2-hlK1I1I77sv32sBv5oy-8GyMV28e2fPqExwmNqm5EOGHNgxA_I0JeWwHKJ6GDyECdqg-220QgYh6vX3G1rgeFE6KPm_7PX_XYL41Vi8ccd77rfSMVyCQTuj1-Renfs9sUdd1NTug

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| __cfQR function| init function| touchstartListener function| touchstartEmptyListener function| mouseoverListener function| mousedownListener function| mouseoutListener function| mousedownShortcutListener function| isEventLikelyTriggeredByTouch function| isPreloadable function| preload function| preloadUsingSpeculationRules function| preloadUsingLinkElement function| LazyLoad boolean| __cfRLUnblockHandlers object| wpGdprCookieNoticeUtils object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_image_requests object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| dataLayer function| onYouTubeIframeAPIReady function| gtag object| gaGlobal object| scriptParams object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| wp function| sprintf function| vsprintf object| swv object| wpcf7 object| HCaptchaMainObject function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| hCaptcha function| hCaptchaGetWidgetId function| hCaptchaReset function| hCaptchaBindEvents function| hCaptchaSubmit function| hCaptchaOnLoad number| link number| len object| __gcse object| GoogleGcLKhOms object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol

4 Cookies

Domain/Path Name / Value
segundaviadeboletos.com.br/ Name: _lscache_vary
Value: 9c19052b29d1cd5606b2adb82ddc04da
.segundaviadeboletos.com.br/ Name: _ga_YMX9V1KW8L
Value: GS1.1.1724989563.1.0.1724989563.0.0.0
.segundaviadeboletos.com.br/ Name: _ga
Value: GA1.1.104344424.1724989564
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cse.google.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
pagead2.googlesyndication.com
segundaviadeboletos.com.br
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
segundaviadeboletos.com.br
www.googletagmanager.com
142.250.176.194
142.251.32.98
142.251.35.162
142.251.40.196
172.67.173.245
2001:4860:4802:36::178
2606:4700:3033::6815:1edb
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81c::2001
2607:f8b0:4006:820::200e
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0dbbe788d942eb02719025ea194bedb1578d798d7a2af18127ce3d3d6fcc5fa0
0ee72ab954ce5b1ace61c14a0e18449cb4df717054af341e9f2c117580e2df27
0fa19feb446718812bfbc1f30bd91e18994f90db5fc7497bf7915bf4b3cf22b9
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
17332508b37924994dab276d6132d9115130f419a4079c96576e38441ad3e2ed
2b938e7c334cfbed33a02861fb0a51bf151ba518404862ae035374b184e62e53
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
5543830f907f932a14f8dbab2fa6a0fb735975a7dc39bfd35d30f44b8cdbe68a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c519e995be939bd16d1e8230c08e7a4b35f811a021dbdf671377a6f8efe718
6281c463b446297087c6e9bd3e6c82d4824419a822e6d7cb5939e7c246aa84c5
699d4828c42481ca941e4faf8ffa28d0e08f30044d54b41af5a8d9bde16dcddd
69a296d661588d06f41ea37d2b9483c9d894516a7487149af73da7a41359c1d0
75bfd4f6620cbc8b1ce25415484ea2d7e3a782a030474df5d581bff58cdb8b12
7885699afa61589c0ea34f5c75f4779675b76b84d98d4ff86ca90063e9c020a3
7886a90c426251db7ee0f709956a2065cd7758fac5fa102d8af8199a5ace544f
947e6a94c5458231108e368eee6cbc0cf304c8f28d30b887dc717850fd64a244
94c4eed60653e14337c021261a52581e9b6f93ae9ba512912ca30ce656b3ac64
9adf7f700b5b47625515ed8a260c9f82d0b4be0e18f14f16edc7395706dd806a
a051c9a17118715a90ba46ee85c958444e101dfed6f8263a30dddb6b84ed1834
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
ac2be6ba48333bc2871bea7293a6fa49d3b9d8ddfef6c074b99e33b05fe7a550
ae9de52233685161ea61d4d2125cfdc5173e6b1a7fbeec4acd0a6f593c1e2458
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf001ca6ac5d190dee4df02bdbdcd229bab94581e47207c67d85032e7688dfe8
d2785dc556d32ec8b9e502ecdae9d5bcd840e5ec6b0bd715e061aa40aa64012b
d480de66b420ea6afb356fe87de6fe62f5cbbd08662f077ff2edae95a2b900df
d6307ea6e3e698b2b8d75746b19de1ad31a8df93949c1cde2eb8f6c26317c1e1
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ff088ef3bf5c89fe480fb80afa236ba98404b7b63131ec8fb580bd8af375bc
e8e2503c0efae58135253ff5812b0d124c0aa999e76bf322eab2e3d0144fa974
ebb3dc26653b13849e070366a67323cd39bc8d9ad4f517c5dcb25972244f2a4c
f0cc5ab68993abc8854ea632c9d48e87d49233699efb76a1c9367dc4c6fc023a
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f43e182c2ae1f34ba1aa1c73be20218768c53ab6b4ea364682c502fabfdad52d
f4ab785dd5b7051b7b079399ebeaba1e2898dbb9b6f99d2b6867b1e72e319de7
f9c7c5fbdcbb6eaef71169e34095fbfa89b0708ae016a6e7294ff86847373188
fa7d107ff526497197857d49dfe2b6a84d99c97e56facc7b57bef4776d4c4ca2
ff3d0e8b3eeb7ba127f9a3fa28f85a045e502f1b3740740c8464ee70d65588e1