URL: https://qas.consorciofoton.com.br/
Submission: On May 08 via api from US — Scanned from DE

Summary

This website contacted 27 IPs in 6 countries across 23 domains to perform 70 HTTP transactions. The main IP is 2a02:26f0:ab00::214:8e62, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is qas.consorciofoton.com.br.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 25th 2024. Valid for: a year.
This is the only time qas.consorciofoton.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
8 20.119.128.4 8075 (MICROSOFT...)
4 2.17.147.184 20940 (AKAMAI-ASN1)
4 142.250.186.68 15169 (GOOGLE)
3 3 54.233.100.13 16509 (AMAZON-02)
3 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.23.208.81 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 1 216.200.232.249 6461 (ZAYO-6461)
1 2 3.75.62.37 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 16.12.2.20 16509 (AMAZON-02)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 52.95.164.38 16509 (AMAZON-02)
70 27
Apex Domain
Subdomains
Transfer
12 consorciofoton.com.br
qas.consorciofoton.com.br
213 KB
8 azurewebsites.net
prd-us-ssg-wapp-02-qas.azurewebsites.net
924 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
250 KB
5 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 32708
usr.navdmp.com — Cisco Umbrella Rank: 37812
cdn.navdmp.com — Cisco Umbrella Rank: 24336
sync.navdmp.com — Cisco Umbrella Rank: 22962
6 KB
4 amazonaws.com
s3-sa-east-1.amazonaws.com
s3.sa-east-1.amazonaws.com
43 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 meudroz.com
chat-app.meudroz.com
18 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
19 KB
3 vlibras.gov.br
vlibras.gov.br — Cisco Umbrella Rank: 126521
1 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
135 KB
3 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 31989
28 KB
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1679
ups.analytics.yahoo.com — Cisco Umbrella Rank: 435
213 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
cm.g.doubleclick.net — Cisco Umbrella Rank: 272
764 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
149 KB
2 hellobar.com
my.hellobar.com — Cisco Umbrella Rank: 17842
36 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
172 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
274 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 2546
647 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 dinamize.com
receiver.posclick.dinamize.com — Cisco Umbrella Rank: 656571
36 KB
0 bancorandon.com Failed
info.bancorandon.com Failed
70 23
Domain Requested by
12 qas.consorciofoton.com.br qas.consorciofoton.com.br
8 prd-us-ssg-wapp-02-qas.azurewebsites.net qas.consorciofoton.com.br
5 fonts.gstatic.com fonts.googleapis.com
4 www.google.com qas.consorciofoton.com.br
www.gstatic.com
3 s3-sa-east-1.amazonaws.com chat-app.meudroz.com
3 chat-app.meudroz.com qas.consorciofoton.com.br
chat-app.meudroz.com
3 cdn.jsdelivr.net qas.consorciofoton.com.br
3 vlibras.gov.br 3 redirects
3 use.fontawesome.com qas.consorciofoton.com.br
use.fontawesome.com
3 consent.cookiefirst.com qas.consorciofoton.com.br
consent.cookiefirst.com
2 region1.google-analytics.com www.googletagmanager.com
2 connect.facebook.net qas.consorciofoton.com.br
connect.facebook.net
2 tag.navdmp.com qas.consorciofoton.com.br
tag.navdmp.com
2 my.hellobar.com www.googletagmanager.com
my.hellobar.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com qas.consorciofoton.com.br
www.googletagmanager.com
2 fonts.googleapis.com qas.consorciofoton.com.br
chat-app.meudroz.com
1 s3.sa-east-1.amazonaws.com
1 www.facebook.com qas.consorciofoton.com.br
1 ups.analytics.yahoo.com qas.consorciofoton.com.br
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com qas.consorciofoton.com.br
1 pixel.mathtag.com 1 redirects
1 cm.g.doubleclick.net tag.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 www.google.de qas.consorciofoton.com.br
1 www.gstatic.com www.google.com
1 usr.navdmp.com tag.navdmp.com
1 stats.g.doubleclick.net www.google-analytics.com
1 receiver.posclick.dinamize.com www.googletagmanager.com
0 info.bancorandon.com Failed connect.facebook.net
70 31

This site contains links to these domains.

Domain
www.facebook.com
autoatendimento.randonconsorcios.com.br
Subject | Issuer | Validity | Valid
randoncorp.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-04-25 - 2025-04-25 | a year
*.cookiefirst.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-05 - 2024-12-16 | a year
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
*.azurewebsites.net | Microsoft Azure RSA TLS Issuing CA 07 | 2024-03-13 - 2025-03-08 | a year
*.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-08-25 - 2024-08-24 | a year
navdmp.com | GTS CA 1P5 | 2024-04-02 - 2024-07-01 | 3 months
receiver.posclick.dinamize.com | R3 | 2024-04-27 - 2024-07-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-15 - 2024-05-15 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
meudroz.com | E1 | 2024-04-06 - 2024-07-05 | 3 months
*.google.de | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
*.s3-sa-east-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-04-12 - 2025-03-30 | a year

This page contains 2 frames:

Primary Page: https://qas.consorciofoton.com.br/
Frame ID: DE69EB80896FFEA5332912BEC4A56C43
Requests: 69 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBtZoUAAAAABDGvN8D7C2RAGHjtPRJAnQPkH77&co=aHR0cHM6Ly9xYXMuY29uc29yY2lvZm90b24uY29tLmJyOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&badge=bottomleft&cb=b0f4jdomk8eu
Frame ID: 5CBB0706FCAFD283A71D227BA9A55D15
Requests: 1 HTTP requests in this frame

Page Title

Consórcio Foton

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

  • 70 Requests
  • 91 % HTTPS
  • 57 % IPv6
  • 23 Domains
  • 31 Subdomains
  • 27 IPs
  • 6 Countries
  • 2056 kB Transfer
  • 3953 kB Size
  • 14 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://vlibras.gov.br/app/vlibras-plugin.js HTTP 302
  • https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/vlibras-plugin.js
Request Chain 50
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=3ef5663b-6215-4800-a454-3ae54a07e679
Request Chain 51
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 58
  • https://vlibras.gov.br/app//assets/access_icon.svg HTTP 302
  • https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/access_icon.svg
Request Chain 59
  • https://vlibras.gov.br/app//assets/access_popup.jpg HTTP 302
  • https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/access_popup.jpg

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qas.consorciofoton.com.br/
24 KB
8 KB
Document
General
Full URL
https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34c78b55522a2a0b370f6fdcc5ce9be5dd8497cce91be097afa91a366bca1fb1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
7724
content-type
text/html; charset=utf-8
date
Wed, 08 May 2024 11:29:22 GMT
expires
Wed, 08 May 2024 11:29:22 GMT
pragma
no-cache
request-context
appId=cid-v1:083076e1-8490-46fa-9fe3-ffe037b0a79f
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
banner.js
consent.cookiefirst.com/
66 KB
26 KB
Script
General
Full URL
https://consent.cookiefirst.com/banner.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
8f3ccbf0d85617f1d239bd17b78d5e64b46de0384a394bc145b096e2e1535374

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:22 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-663
cdn-cachedat
03/20/2024 20:35:51
cdn-pullzone
236985
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:04 GMT
server
Cookie First CDN-DE1-1080
cdn-fileserver
382
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65fb05ac-10913"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=300
cdn-requestid
27718b16cf3dd6d49b372385e129da7e
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:300,400,700,900
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43ffe2a3ce33356a8c63bab0b58bbf7d67232223b82cf7248281efc78c9b5002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 11:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 May 2024 11:22:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 May 2024 11:29:22 GMT
all.css
use.fontawesome.com/releases/v5.2.0/css/
46 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1346779
etag
W/"20a9ce516eaea76da29a23adc43e8998"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrQzbTQweS6EP%2FuVtRvMMZuXpgZrsvTpYyMK11ESfi5Je8hDxN%2F1YuRGMGwiKt4UsN%2BKC6%2FYbxaEtHH29JSYDcPsWC72KeDeSCOdayDck4m2WwotGo3Yp9UkHq53npCCmiCdgneHm0UdTgcGCv2NNmWL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
88091c9378d88c4c-FRA
alt-svc
h3=":443"; ma=86400
stylefoton.css
prd-us-ssg-wapp-02-qas.azurewebsites.net//Content/cssgerados/
53 KB
16 KB
Stylesheet
General
Full URL
https://prd-us-ssg-wapp-02-qas.azurewebsites.net//Content/cssgerados/stylefoton.css
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0532380205fcfef842bb2e2e303830fe2bd0562ffe46f3af5dd3957890f3c331

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2023 14:12:12 GMT
Server
Microsoft-IIS/10.0
ETag
"535c1da77e4bd91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
15741
jquery.range.css
qas.consorciofoton.com.br/Content/
4 KB
1 KB
Stylesheet
General
Full URL
https://qas.consorciofoton.com.br/Content/jquery.range.css
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f2f19389f360a592b9c9634e550bb8d58aeba8154e631690fbf72f304c2bbc8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:04:10 GMT
etag
"d96a1d307fedd91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604764
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
1257
jquery.min.js
qas.consorciofoton.com.br/Scripts/
82 KB
37 KB
Script
General
Full URL
https://qas.consorciofoton.com.br/Scripts/jquery.min.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:22 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:04:25 GMT
etag
"df25c1387fedd91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=427837
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
37723
jquery.range.js
qas.consorciofoton.com.br/Scripts/
13 KB
5 KB
Script
General
Full URL
https://qas.consorciofoton.com.br/Scripts/jquery.range.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4268568a841414ccb626cefac20f57cf094c8ef9643d862accf0fbc0de109a39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:04:25 GMT
etag
"52fb16397fedd91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
4789
jquery.mask.js
qas.consorciofoton.com.br/Scripts/
8 KB
4 KB
Script
General
Full URL
https://qas.consorciofoton.com.br/Scripts/jquery.mask.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a2a5c6563adad1eb94943a202edf1a96f79fa323e350977beb2c03d800728d43

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:22 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:04:24 GMT
etag
"8b2245387fedd91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=427874
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
4060
moment.min.js
qas.consorciofoton.com.br/Scripts/
57 KB
23 KB
Script
General
Full URL
https://qas.consorciofoton.com.br/Scripts/moment.min.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b50e5002fb76071bf7275820f0fefce8e3fded560cd4343dca599967ebeffb5d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:22 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:04:34 GMT
etag
"6f36263e7fedd91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=427925
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
23587
moment-with-locales.min.js
qas.consorciofoton.com.br/Scripts/
360 KB
105 KB
Script
General
Full URL
https://qas.consorciofoton.com.br/Scripts/moment-with-locales.min.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed61b54e58ee4777799b9a8aa93d2d73874d0d1fda699b637364efd42fdce7ff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:04:31 GMT
etag
"2cb89c3c7fedd91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
107640
consorcio-foton.png
prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/Empresas/6/
34 KB
34 KB
Image
General
Full URL
https://prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/Empresas/6/consorcio-foton.png
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f6bf66cabb43362c32589fd03593a49efd16cdccf8a97e39b10833e4b34a8f0c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:22 GMT
Last-Modified
Fri, 24 Feb 2023 13:42:41 GMT
Server
Microsoft-IIS/10.0
ETag
"3666d6dd5548d91:0"
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
34796
slick.css
qas.consorciofoton.com.br/Scripts/slick/
2 KB
953 B
Stylesheet
General
Full URL
https://qas.consorciofoton.com.br/Scripts/slick/slick.css
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
24c6cc52d55fe4011744dea15de1c725d1c5dc7846cc7f51a2fc15c561c7dac4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:06:54 GMT
etag
"b2f883917fedd91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604790
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
784
slick-theme.css
qas.consorciofoton.com.br/Scripts/slick/
4 KB
969 B
Stylesheet
General
Full URL
https://qas.consorciofoton.com.br/Scripts/slick/slick-theme.css
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.17.147.184 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
71e37996b196b44d001375754fbc615ce6cf09d758586e997a38f8d242015152

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:06:53 GMT
etag
"801ccb907fedd91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604793
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
948
quic-version
0x00000001
slick.js
qas.consorciofoton.com.br/Scripts/slick/
87 KB
22 KB
Script
General
Full URL
https://qas.consorciofoton.com.br/Scripts/slick/slick.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.17.147.184 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:06:54 GMT
etag
"de14d5917fedd91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604789
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
22156
quic-version
0x00000001
map.png
prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/HomeSite/3/
34 KB
35 KB
Image
General
Full URL
https://prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/HomeSite/3/map.png
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7ee534a3f3da30ca05aff21a781373aea73f16ec6bd2b671942538cf84ab07e6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:23 GMT
Last-Modified
Fri, 24 Feb 2023 13:43:50 GMT
Server
Microsoft-IIS/10.0
ETag
"89322b75648d91:0"
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
35214
ABAC-selo.png
prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/SobreFooter/4/
35 KB
36 KB
Image
General
Full URL
https://prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/SobreFooter/4/ABAC-selo.png
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
93d48c26b71319b0c5a36a7fe0d087806d90015080232470883002fdb5154b5f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:23 GMT
Last-Modified
Fri, 24 Feb 2023 13:50:20 GMT
Server
Microsoft-IIS/10.0
ETag
"e730aaef5648d91:0"
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
36239
scripts.js
qas.consorciofoton.com.br/Scripts/
16 KB
5 KB
Script
General
Full URL
https://qas.consorciofoton.com.br/Scripts/scripts.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.17.147.184 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
004a402500258c78b5002ef3b862025cfb0adcbc1b151d92669ddca32f7d1dbf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 18:04:35 GMT
etag
"1b468d3e7fedd91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604763
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
5002
quic-version
0x00000001
api.js
www.google.com/recaptcha/
1 KB
883 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&onload=onRecaptchaLoadCallback
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
d3f1ecb646d57a653a2e204224edac92df18aa0b81ed080b890a99c2eae57ece
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 08 May 2024 11:29:23 GMT
api.js
www.google.com/recaptcha/
1 KB
855 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
b4a87969c4cc52d70e75db24b6bda485dbb1beef9ab5c4074e4020176ea1713b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 08 May 2024 11:29:23 GMT
vlibras-plugin.js
cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/
Redirect Chain
  • https://vlibras.gov.br/app/vlibras-plugin.js
  • https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/vlibras-plugin.js
15 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/vlibras-plugin.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
178e6539db9ff5dfd9214724616bf1391246f04fdee39178341804240a21d811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qas.consorciofoton.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 08 May 2024 11:29:24 GMT
x-content-type-options
nosniff
content-encoding
br
age
33175
x-jsd-version
dev
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5671
x-served-by
cache-fra-etou8220129-FRA, cache-cph2320032-CPH
x-jsd-version-type
branch
etag
W/"3b93-GqdrSIRjZyU2KUKCKhmWxZ0jL6o"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

date
Wed, 08 May 2024 11:29:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
text/html
location
https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/vlibras-plugin.js
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
138
version.json
consent.cookiefirst.com/sites/qas.consorciofoton.com.br-a5ee5a0f-a9d5-4f77-b080-6aaaa4a41a26/
678 B
1 KB
Fetch
General
Full URL
https://consent.cookiefirst.com/sites/qas.consorciofoton.com.br-a5ee5a0f-a9d5-4f77-b080-6aaaa4a41a26/version.json?v=1715167762544
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:22 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-679
cdn-cachedat
05/08/2024 11:29:22
cdn-pullzone
236985
visitor-location
DE
server
Cookie First CDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
404
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=5
cdn-requestid
ba06b2580de118ce1fc797afedff7b62
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
404
cdn-requestpullsuccess
True
stylemobfoton.css
prd-us-ssg-wapp-02-qas.azurewebsites.net//Content/cssgerados/
28 KB
9 KB
Stylesheet
General
Full URL
https://prd-us-ssg-wapp-02-qas.azurewebsites.net//Content/cssgerados/stylemobfoton.css
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c12d07ee6913f3296c072cc3b2b20af27cc3e14325c3025b693a2af7f23f16d5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2023 14:12:14 GMT
Server
Microsoft-IIS/10.0
ETag
"d3f5ca87e4bd91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
8391
version.json
consent.cookiefirst.com/sites/*.consorciofoton.com.br-a5ee5a0f-a9d5-4f77-b080-6aaaa4a41a26/
678 B
1 KB
Fetch
General
Full URL
https://consent.cookiefirst.com/sites/*.consorciofoton.com.br-a5ee5a0f-a9d5-4f77-b080-6aaaa4a41a26/version.json?v=1715167762544
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:22 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-661
cdn-cachedat
05/08/2024 11:29:22
cdn-pullzone
236985
visitor-location
DE
server
Cookie First CDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
404
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=5
cdn-requestid
8c6294b9a7056695f17b95f49392641c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
404
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/
220 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TC7FNNT
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b82ec0c166021dc06b6f3e7ad691421d77dce1447f5574e9a46dcc1823f858f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79508
x-xss-protection
0
last-modified
Wed, 08 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 May 2024 11:29:23 GMT
consorcio-foton-.jpg
prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/HomeSite/3/
512 KB
512 KB
Image
General
Full URL
https://prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/HomeSite/3/consorcio-foton-.jpg
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dbb904c1757c6eb470e1b507c889249c54ac229c958942c89b85dd4d994365b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:23 GMT
Last-Modified
Fri, 24 Feb 2023 13:43:50 GMT
Server
Microsoft-IIS/10.0
ETag
"28eab365648d91:0"
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
524169
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://qas.consorciofoton.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 13:27:43 GMT
x-content-type-options
nosniff
age
79300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 13:27:43 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/
61 KB
62 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin
https://qas.consorciofoton.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b75b4bfe0d58faeced5006c785eaae23"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDzTTnPicDc2ANZprC66xsnJ2xKJLJxqOViJ%2FGZzZyTKXkWJjLAFsBE1LbAxXYjGwiZ%2Baqn23guqhPUewykBIfi%2BgxE4WRxljTMyPxB9%2FK2DDGYucoS8qiFIjOanP%2FkY9HA8Yco%2F44pNsml4rHUF0xTO"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
88091c9b2a3b6925-FRA
alt-svc
h3=":443"; ma=86400
content-length
62472
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://qas.consorciofoton.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 00:45:23 GMT
x-content-type-options
nosniff
age
384240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 May 2025 00:45:23 GMT
js
www.googletagmanager.com/gtag/
275 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DRZVE4GLV8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7FNNT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b60d0c2827f78d514f9beaa38d15def89e2fb6865dd00cdf5f4e97cc17746ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96376
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 11:29:23 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7FNNT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 May 2024 09:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 08 May 2024 11:41:03 GMT
040b11f46220c26d3977c5b424c242a755c5c6d9.js
my.hellobar.com/
2 KB
1 KB
Script
General
Full URL
https://my.hellobar.com/040b11f46220c26d3977c5b424c242a755c5c6d9.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7FNNT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e25dceed8aea8d7b867bd3249d3582cac8b5b69df7fdc5806e4e372823179cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Nov 2020 06:14:59 GMT
server
cloudflare
x-amz-request-id
H70ZQJTJTHKYZR5T
etag
W/"d6fdf7a3eaf52b511eef01adcb24a466"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray
88091c9ccb8a91e3-FRA
x-amz-id-2
uBv8xUDAaa1DWN5MZVwULHVgtVUAvMiTaLTxtBvqk3aNc+untFrCAIAEofbg1pAVB/THA78AsHAaHZts1Mdc1vf+ju+7hq2Y
universal.min.js
tag.navdmp.com/
14 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
3214
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
88091c9c981f37dd-FRA
expires
Wed, 08 May 2024 11:35:49 GMT
310534_2510.js
receiver.posclick.dinamize.com/forms/js/
132 KB
36 KB
Script
General
Full URL
https://receiver.posclick.dinamize.com/forms/js/310534_2510.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7FNNT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.23.208.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-208-81.us-east-2.compute.amazonaws.com
Software
Dinamize-PcReceiver /
Resource Hash
c52d068b23321955aa81905dc125480dd6e7946cc83318a5af7139c47d6e3dcc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:34:40 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2024 11:34:40 GMT
server
Dinamize-PcReceiver
etag
2024-04-16 03:13:03.095845238 -0300 -03 m=+46569.848271034
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
content-length
36352
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 May 2024 11:29:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=12, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
JWfV6Ug8mzJxaECAPI2eF5h9KASthlQMGNtCpKriK2S9NzQExDKt5YCyM+cUvhDuiVYQe1m+/FMFhq3gGBcFrg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
260 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DRZVE4GLV8&gtm=45je4510v878692916z877456410za200&_p=1715167763555&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1423134942.1715167764&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715167763&sct=1&seg=0&dl=https%3A%2F%2Fqas.consorciofoton.com.br%2F&dt=Cons%C3%B3rcio%20Foton&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2687
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DRZVE4GLV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 11:29:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qas.consorciofoton.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
64367
tag.navdmp.com/u/
511 B
534 B
Script
General
Full URL
https://tag.navdmp.com/u/64367
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c577b656a01b92e9dd9bad0f3a5a679a5290a3d83275ab11e610369c0b72b7ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:45:01 GMT
server
cloudflare
etag
W/"6137b32d-1ff"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
88091c9d18b437dd-FRA
expires
Wed, 08 May 2024 12:29:24 GMT
collect
www.google-analytics.com/j/
3 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2120787577&t=pageview&_s=1&dl=https%3A%2F%2Fqas.consorciofoton.com.br%2F&ul=de-de&de=UTF-8&dt=Cons%C3%B3rcio%20Foton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=45789213&gjid=2026040421&cid=1423134942.1715167764&tid=UA-32122305-10&_gid=487940614.1715167764&_slc=1&gtm=45He4510n81TC7FNNTv77456410za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2023392122
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 May 2024 11:29:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qas.consorciofoton.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
355 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-32122305-10&cid=1423134942.1715167764&jid=45789213&gjid=2026040421&_gid=487940614.1715167764&npa=1&_u=YCDAgAABAAAAAG~&z=1483755843
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 08 May 2024 11:29:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qas.consorciofoton.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
364295598058021
connect.facebook.net/signals/config/
286 KB
91 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/364295598058021?v=2.9.155&r=stable&domain=qas.consorciofoton.com.br&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2468c06e65b9adb3f588d0c8fb68428cf7e8962f57365479f2d96b3e99c2895a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 May 2024 11:29:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=64, mss=1294, tbw=63324, tp=-1, tpl=-1, uplat=630, ullat=0
pragma
public
x-fb-debug
9c1LI94wHmJozIeNK9TLJzv9Z7Fi2gGX1m+2/R3X41e0NBvoyrnWakenk6wiErnMks4/QkIHTV7x6Tx5lWpr1A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://qas.consorciofoton.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:28:14 GMT
x-content-type-options
nosniff
age
97270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:28:14 GMT
usr
usr.navdmp.com/
359 B
430 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=9&acc=64367&u=1&new=1&wst=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1431e32137927a2377f8d1d35398c3a3a60a7d908f3b7a7e2b23b3d9e703913

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 08 May 2024 11:29:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
88091c9e3a0c37dd-FRA
expires
Wed, 08 May 2024 12:29:24 GMT
droz.js
chat-app.meudroz.com/v1/
10 KB
3 KB
Script
General
Full URL
https://chat-app.meudroz.com/v1/droz.js?i=81698ee1248baeed5bdb8b6a13dadf4ce2314353&u=https://chat-app.meudroz.com&v=156197&e=f34cab79162b26d6837a9aa793b6ae36840f8914
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f71c6fd702841dd80a37e8762ad1c6d0dbfe8210f9bbeca88c2fb70f5f2a86d
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"9936-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUbsk8vzhsjKWL8VvTbYocZYWVGRQMD47Y%2FETd5zByda80EpZdCKDq4Vkk%2BbyOgdRDzUwVXRIyGt6BwxLPU00tQOA9%2BX7uDddHoNH8yv6EtVdY0IpSlb4ESh7tDNVQTCmUUVapyTcnTW7LFJVaDyr5dK0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88091c9eec349a23-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/
509 KB
203 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onRecaptchaLoadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Origin
https://qas.consorciofoton.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 10:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207268
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:03:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 May 2025 10:07:02 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32122305-10&cid=1423134942.1715167764&jid=45789213&npa=1&_u=YCDAgAABAAAAAG~&z=409884530
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 11:29:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32122305-10&cid=1423134942.1715167764&jid=45789213&npa=1&_u=YCDAgAABAAAAAG~&z=409884530
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 11:29:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
concessionarias-consorcio-foton.jpg
prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/HomeSite/3/
278 KB
278 KB
Image
General
Full URL
https://prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/HomeSite/3/concessionarias-consorcio-foton.jpg
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f9ec2461c987f902d167501ca080d800601f5adaa7cce797519d39edc6119759

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:23 GMT
Last-Modified
Fri, 24 Feb 2023 13:43:49 GMT
Server
Microsoft-IIS/10.0
ETag
"43129c65648d91:0"
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
284409
fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/
63 KB
63 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin
https://qas.consorciofoton.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6814d0e8136d34e313623eb7129d538e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0kVIP04tcslBj7kqRgsxLyiS7rsjWCbaMo1ncMSVoES0w3J6hMs%2FNz9Qv%2FiiH%2BAV%2F1bJPwYRtrgU7kfGW51WQn0o63b45kNI0N7FgD17ZQky1%2FJzq7MdYiBHQptvnr9V3T0Ku08ykrr3l%2Bp%2FQvGhx%2BF"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
88091c9e5d916925-FRA
alt-svc
h3=":443"; ma=86400
content-length
64144
modules-v8.js
my.hellobar.com/
121 KB
35 KB
Script
General
Full URL
https://my.hellobar.com/modules-v8.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/040b11f46220c26d3977c5b424c242a755c5c6d9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f66fc0404a2df5a84735e0f63e24e4cd810b34abe115f50a81f3d9e04ee3b0c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Nov 2020 06:21:39 GMT
server
cloudflare
x-amz-request-id
H70JC6VC12KZZ42F
etag
W/"174bba55e5316c9e8e8fb5392713f98d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31557600, must-revalidate, proxy-revalidate, s-maxage=31557600
cf-ray
88091c9e8dcb91e3-FRA
x-amz-id-2
AzvtJT4t/9MQK63g7h+bIXjx7W/hxthwoP4wGmGe90dl9JBJ3YlnuChGvCR8r7lfRG9iIIDxpkG/jDLATGqw2EZPzn1pF1AflZa9cNRBfoY=
req
cdn.navdmp.com/
6 B
77 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=9&id=149b4ec2c3ea7dbacae05b065210%7C0&acc=64367&tit=Cons%25F3rcio%2520Foton&url=https%253A%2F%2Fqas.consorciofoton.com.br%2F&upd=1&new=1&h1=CONS%25D3RCIO%250AFOTON
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
88091c9f7b9a37dd-FRA
content-length
6
content-type
application/x-javascript
pixel
cm.g.doubleclick.net/
170 B
409 B
Script
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=88504976067
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 11:29:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=3ef5663b-6215-4800-a454-3ae54a07e679
43 B
129 B
Image
General
Full URL
https://sync.navdmp.com/sync?img=1&mdia=3ef5663b-6215-4800-a454-3ae54a07e679
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Server
2606:4700::6811:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qas.consorciofoton.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
88091ca1ff1b37dd-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Wed, 08 May 2024 11:29:24 GMT
Server
MT3 1549 cea2cde master ord ord-pixel-x8 config_version:"2700"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.navdmp.com/sync?img=1&mdia=3ef5663b-6215-4800-a454-3ae54a07e679
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 08 May 2024 11:29:23 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
87 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.112 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qas.consorciofoton.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 08 May 2024 11:29:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.112
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Wed, 08 May 2024 11:29:24 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.112
content-length
344
content-language
en
anchor
www.google.com/recaptcha/api2/ Frame 5CBB
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBtZoUAAAAABDGvN8D7C2RAGHjtPRJAnQPkH77&co=aHR0cHM6Ly9xYXMuY29uc29yY2lvZm90b24uY29tLmJyOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&badge=bottomleft&cb=b0f4jdomk8eu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y7eQ6ujS7pT6DyISQ9qhQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qas.consorciofoton.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-y7eQ6ujS7pT6DyISQ9qhQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 May 2024 11:29:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
events
info.bancorandon.com/
0
0

/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=364295598058021&ev=PageView&dl=https%3A%2F%2Fqas.consorciofoton.com.br&rl=&if=false&ts=1715167764813&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4124&fbp=fb.2.1715167764811.1105588222&eid=ob3_plugin-set_d60065884e13bf17b5b51fc9e71aedf76e57d519335d3fa7069e51787917c283&pm=1&hrl=464367&ler=empty&cdl=API_unavailable&it=1715167764046&coo=false&cs_cc=1&cas=7497409997038850%2C6694833290532150%2C5653702148082778%2C4991011931013729%2C4310483209010432&rqm=GET
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 08 May 2024 11:29:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
main-v1.js
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/f34cab79162b26d6837a9aa793b6ae36840f8914/
2 KB
2 KB
Script
General
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/f34cab79162b26d6837a9aa793b6ae36840f8914/main-v1.js?v=156197
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=81698ee1248baeed5bdb8b6a13dadf4ce2314353&u=https://chat-app.meudroz.com&v=156197&e=f34cab79162b26d6837a9aa793b6ae36840f8914
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.2.20 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdddb1c66d2b9336e06b8bc601e246804c2dca24e50c473340ddde6f92462e0b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:26 GMT
Last-Modified
Fri, 18 Mar 2022 13:17:40 GMT
Server
AmazonS3
x-amz-request-id
BAD6F1EP504GP1RH
ETag
"acd0f4627887b9b929b8d8fa89d42f18"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
1652
x-amz-id-2
sIRskCSGLNofcko/frfK7Eg3eeYNkpJQpNwrVSwg36OnyQtPtUID3itDGG9twof4C2983tgcFLw=
reCAPTCHAV3
qas.consorciofoton.com.br/
1 B
143 B
XHR
General
Full URL
https://qas.consorciofoton.com.br/reCAPTCHAV3
Requested by
Host: qas.consorciofoton.com.br
URL: https://qas.consorciofoton.com.br/Scripts/jquery.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.17.147.184 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://qas.consorciofoton.com.br/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
pragma
no-cache
date
Wed, 08 May 2024 11:29:27 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:083076e1-8490-46fa-9fe3-ffe037b0a79f
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
120
expires
Wed, 08 May 2024 11:29:27 GMT
main-v1.js
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/81698ee1248baeed5bdb8b6a13dadf4ce2314353/
2 KB
2 KB
Script
General
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/81698ee1248baeed5bdb8b6a13dadf4ce2314353/main-v1.js?v=156197
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=81698ee1248baeed5bdb8b6a13dadf4ce2314353&u=https://chat-app.meudroz.com&v=156197&e=f34cab79162b26d6837a9aa793b6ae36840f8914
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.2.20 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
67bc78076944972c02b7e31fceaf9b56832998f04c7a793114da0680c394dfb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:26 GMT
Last-Modified
Wed, 26 Jan 2022 13:28:35 GMT
Server
AmazonS3
x-amz-request-id
BAD3AXYWSAE2HHZJ
ETag
"898a663d95a3f87ef00d19abb0470d5d"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
2170
x-amz-id-2
5hncuikixWFOPt26YZhSAyDyMzMwJAAmRX0OTmYnzhudKQHNWGo/lPTWyH8fVJGDF7D2JQg4bzU=
access_icon.svg
cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/
Redirect Chain
  • https://vlibras.gov.br/app//assets/access_icon.svg
  • https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/access_icon.svg
5 KB
3 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/access_icon.svg
Protocol
H2
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb8c9cfc18a5612c8636e1c773111c27fb69865a9c3f9a37a6e265e095c1188d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qas.consorciofoton.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 08 May 2024 11:29:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
36432
x-jsd-version
dev
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2604
x-served-by
cache-fra-eddf8230079-FRA, cache-cph2320032-CPH
x-jsd-version-type
branch
etag
W/"15ee-9PerC6QhjPo5B4QDqZBJD4SIBBY"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

date
Wed, 08 May 2024 11:29:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
text/html
location
https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/access_icon.svg
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
138
access_popup.jpg
cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/
Redirect Chain
  • https://vlibras.gov.br/app//assets/access_popup.jpg
  • https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/access_popup.jpg
10 KB
10 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/access_popup.jpg
Protocol
H2
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0641f4b8887a3dcb8c4243cba38c4b639dd0cf18e9265f3b0a6b56f10567e11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qas.consorciofoton.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 08 May 2024 11:29:26 GMT
x-content-type-options
nosniff
age
17609
x-jsd-version
dev
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9968
x-served-by
cache-fra-etou8220098-FRA, cache-cph2320032-CPH
x-jsd-version-type
branch
etag
W/"26f0-D7iIUneKx/6UlHZzs6Oxe8hPWtA"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

date
Wed, 08 May 2024 11:29:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
text/html
location
https://cdn.jsdelivr.net/gh/spbgovbr-vlibras/vlibras-portal@dev/app/assets/access_popup.jpg
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
138
favicon.ico
prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/Empresas/6/
4 KB
5 KB
Other
General
Full URL
https://prd-us-ssg-wapp-02-qas.azurewebsites.net//Uploads/Empresas/6/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7b4ac62fbac98b6b82a235e2bea90c57cfb5c65445d0a196e8a7a73a1044f8b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:26 GMT
Last-Modified
Fri, 24 Feb 2023 13:42:41 GMT
Server
Microsoft-IIS/10.0
ETag
"4487c5dd5548d91:0"
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
4286
main.js
chat-app.meudroz.com/iframe/
63 KB
12 KB
Script
General
Full URL
https://chat-app.meudroz.com/iframe/main.js?v=156197
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=81698ee1248baeed5bdb8b6a13dadf4ce2314353&u=https://chat-app.meudroz.com&v=156197&e=f34cab79162b26d6837a9aa793b6ae36840f8914
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c02ad54dc396aa2e0bd9fecee4ea05461f1bc15ad6c752eb886458cf50bb91
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:48 GMT
server
cloudflare
etag
W/"64363-1713475908000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18J8927xRlCGg7V6pawSbF57UrmWFXbhL8ArMfWHkgyim9a7sODN7ZpgMJGHUCWbSl1NC1ihl6xP884iXmrBNgsk8w8xCbSXZS8yKP1lNJ3UvEn4XFJ7SM3j2jwMirwPvMMCbjWTlnZLXx5vzmR14x506g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88091cacbd4d9a23-FRA
droz.css
chat-app.meudroz.com//v1/
10 KB
3 KB
Stylesheet
General
Full URL
https://chat-app.meudroz.com//v1/droz.css?v=1
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=156197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47bb1e860b10c1705406bb14f24fe00ea5422b7cf9c83cb99f373095cd7fc8c1
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:29:27 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212
cf-polished
origSize=10056
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"10056-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCsywLgh8iawxZe9jeTGNzoqNlQBl%2FcJM8ziex%2Bdu3Lk7PvWlAagEnyBz0Ioesz%2FHeehXFztyKUT5WoJGiag59GpiCZfd%2F3lKdFCiRKrcDGQsbeuqjqWKPs8qCtqgE4Cp7DFKo3Ryg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88091cb0ea1e5c4a-FRA
priority
u=0,i=?0
css
fonts.googleapis.com/
6 KB
821 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=156197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f677e4aec56bfa69ccee2b96e2eb3391efff3a60a6e072a6b65b7b5f72daa72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 11:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 May 2024 11:29:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 May 2024 11:29:27 GMT
main-v1.css
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/81698ee1248baeed5bdb8b6a13dadf4ce2314353/
31 KB
32 KB
Stylesheet
General
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/81698ee1248baeed5bdb8b6a13dadf4ce2314353/main-v1.css?v=156197
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=156197
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.2.20 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
dfeebc5edc6e2ef0adac70db4f8eb4b499a927e5bd3e59834554fd51567a3724

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:28 GMT
Last-Modified
Wed, 26 Jan 2022 13:28:35 GMT
Server
AmazonS3
x-amz-request-id
J458QEG67GMBBPQ3
ETag
"18970f55d7273cddd1679cdbcaf68422"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
32040
x-amz-id-2
8jPfpN6wMPVhXpQGpBOfcYg6+NIzXWa1E9cX4h6of22nQpM116X6jgfQrFkNO/qN1M8iLgN7uLU=
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://qas.consorciofoton.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 00:45:23 GMT
x-content-type-options
nosniff
age
384240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 May 2025 00:45:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://qas.consorciofoton.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 13:27:43 GMT
x-content-type-options
nosniff
age
79300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 13:27:43 GMT
icon-minimized-20210623184848484-130.png
s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/81698ee1248baeed5bdb8b6a13dadf4ce2314353/
7 KB
7 KB
Image
General
Full URL
https://s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/81698ee1248baeed5bdb8b6a13dadf4ce2314353/icon-minimized-20210623184848484-130.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.164.38 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b3c3e91fc0bac18929e957d79006ddd8b4c3c6ee1570b2e0ea756ecc6ce09dc0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 11:29:29 GMT
Last-Modified
Wed, 23 Jun 2021 21:48:49 GMT
Server
AmazonS3
x-amz-request-id
PT513HPB4B3G1J8J
ETag
"b6798ed94be1aeb935b06221ec59ec7c"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6907
x-amz-id-2
02Vrv8Y+KEqg/wWpLRecb49l/GI2a97pVDRLWeyO4OVTTVw7wVNAld1+AaTOOpqB6oSrMIDzWJY=
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DRZVE4GLV8&gtm=45je4510v878692916za200&_p=1715167763555&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1423134942.1715167764&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715167763&sct=1&seg=0&dl=https%3A%2F%2Fqas.consorciofoton.com.br%2F&dt=Cons%C3%B3rcio%20Foton&en=scroll&epn.percent_scrolled=90&_et=10&tfd=7700
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DRZVE4GLV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://qas.consorciofoton.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 11:29:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qas.consorciofoton.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
info.bancorandon.com
URL
https://info.bancorandon.com/events


236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| chunkCB function| addCFGTMConsentListener number| __COOKIE_BANNER_INIT_TIME__ function| $ function| jQuery object| $jscomp function| moment object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| o object| a object| b function| Navegg object| naveggReady object| nvg64367 function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| prechat_inputs function| mascaraValor function| scrollMenu function| AtualizaCidade function| buscaGruposEncerrados function| modalAviso function| fecharPossoAjudarChat function| abrirChatbot object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| scoreUser function| ExecuteV2 function| onRecaptchaLoadCallback function| onSubmitV2 function| bootstrap object| hellobarSiteSettings object| script object| webpackJsonpVLibras object| VLibras object| recaptcha object| closure_lm_942709 object| dinConfigs string| dinVERSION object| dinFunctions object| dinTargetForm object| dinWhatsForm object| dinSearchForm object| dinEcommerceTools object| dinLogger string| DIN_BI_RM string| dinB64map string| dinB64pad function| dinExtendStatics undefined| dinDecoder$1 object| dinBase64 number| dinMax function| dinInt10 function| dinStream function| dinASN1 function| dinASN1Tag number| dinDbits number| dinCanary boolean| dinJ_lm function| dinBigInteger function| dinNullExp function| dinClassic function| dinMontgomery number| DIN_BI_FP object| DIN_BI_RC number| dinRr number| dinVv function| dinArcfour number| dinRng_psize undefined| dinRng_state object| dinRng_pool number| dinRng_pptr number| dinT object| z function| onMouseMoveListener_1 function| dinSecureRandom function| dinRSAKey function| dinJSEncryptRSAKey function| DinJSEncrypt object| dinLeadTracker string| _dPosclickSite object| dinPosclick object| dinForms number| 
dinControllerLoadFunction function| dinInt2char function| dinHex2b64 function| din__extends function| dinNbi function| dinParseBigInt function| dinAm1 function| dinAm2 function| dinAm3 function| dinIntAt function| dinNbv function| dinNbits function| dinPrng_newstate function| dinRng_get_byte function| dinPkcs1pad2 function| _getdPosclickQueryParams function| _setdPosclickCookie function| _getdPosclickCookie function| _dAutomationGtmRegisterAccess function| _dAutomationGtmAddTimer function| _dAutomationGtmCloseTimer function| _dAutomationGtmAccess function| _dAutomationPurchase function| dinLoadFunction function| hellobar object| regeneratorRuntime undefined| droz_ibm_watson_url undefined| droz_ibm_watson_token undefined| droz_ibm_watson_auth undefined| droz_ibm_watson_redirect_url undefined| droz_ibm_watson_assistant_url function| drozAddScriptInHead function| drozAddDivInBody function| drozInstallScript function| drozRemoveScript function| drozAddJqueryIfNecessary function| drozGetScriptParams function| drozGetEnviromentFolder object| drozScriptParams string| prechat_base_url function| drozAddModalZoomImage function| drozAddModalExternalLink function| setVariableForToken string| drozEnviromentFolder string| prechat_customer_key function| installMainScript boolean| droz_account_status number| timeReturnChatTransferConfig string| droz_position string| droz_position_desktop string| droz_position_mobile string| droz_skin string| droz_token boolean| zopim_integration number| prechat_typing_delay number| prechat_open_delay string| nlpNotFoundVariable string| nlpPlaceholder string| feedbackNlpMessage string| feedbackNlp boolean| start_fullscreen boolean| is_hoverable boolean| header_btn_close boolean| header_btn_minimize boolean| header_btn_maximize boolean| has_dialogbox_desktop boolean| has_dialogbox_mobile string| dialogbox_text_desktop string| dialogbox_text_mobile boolean| layout_updated boolean| has_chat_boticon boolean| has_chat_usericon string| icon_minimized 
string| icon_minimized_mobile boolean| is_hoverable_mobile string| icon_minimized_hover string| icon_minimized_hover_mobile boolean| minimized_img_only boolean| minimized_img_only_mobile boolean| header_btns_inverted_color boolean| has_footer boolean| has_online_description boolean| expand_screensize boolean| droz_minimized_hide_text boolean| allows_extra_attachments string| feedbackNlpNegativeMessage object| botLanguages string| defaultBotLanguage string| droz_token_imported boolean| activate function| hideZopim function| logZopim function| drozAddCssInHead function| buildDrozInputsParameters function| buildDrozFullscreenParameters function| drozBuildUrlIframe function| drozShowOpenButton function| drozHideOpenButton function| drozShowWindow function| drozCloseWindow function| drozMinimizeChat function| drozOnClickCloseButton function| drozOnClickCloseButtonFullscreen function| drozBrothersInit function| drozBrothersResetSizeOriginal function| drozBrothersTitleOpenOrClose function| drozBrothersResetStyle function| addZopimWidgetOnPage function| addSalesforceChatWidgetOnPage function| addMovideskChatWidgetOnPage function| addNeoassistChatWidgetOnPage function| activateZopimDeprecated function| activateSalesforceChat function| activateZopim function| activateMovidesk function| activateNeoassist function| callZopim function| verifyTimerEventListener boolean| customParamsFullscreen string| customer_key number| typing_delay number| open_delay string| button_model string| button_text string| droz_position_class boolean| animate_window boolean| droz_zendesk_chat string| origin_domain object| animation_prop boolean| watsontype boolean| watsonRedirectUrl boolean| watsonuser boolean| watsonAssistantUrl string| defaultBotLanguageParams object| botLanguagesParams string| prechat_url string| zopimStatus string| baseStyle function| init_window_onpage function| $droz

14 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AKDSkebkBocG_ysFcFY4hP67sTJuZMg9ZR7oXO0dJK8sJLolGt005V4BkErPQANhHEZ9iP1Ylgo79kwUs0fiCg0
qas.consorciofoton.com.br/ Name: ASP.NET_SessionId
Value: qowe1yyncw4xiupocnwuujfr
qas.consorciofoton.com.br/ Name: __RequestVerificationToken
Value: Fx07bLOTJlsQXMekmsDeWMeyiQtSRyh1K-haWchmNpDKMmBhSPE9WNEIXhFg7w8U7yAv28xH5ibCV7HF0o-Ea-OdJOPLiuICAb_-Llx-TzA1
.consorciofoton.com.br/ Name: _ga
Value: GA1.1.1423134942.1715167764
.consorciofoton.com.br/ Name: _ga_DRZVE4GLV8
Value: GS1.1.1715167763.1.0.1715167763.0.0.0
.qas.consorciofoton.com.br/ Name: _ga
Value: GA1.4.1423134942.1715167764
.qas.consorciofoton.com.br/ Name: _gid
Value: GA1.4.487940614.1715167764
.qas.consorciofoton.com.br/ Name: _dc_gtm_UA-32122305-10
Value: 1
.navdmp.com/ Name: ac3
Value: 1
.navdmp.com/ Name: nid
Value: 149b4ec2c3bf89c3b7dd9b8dce10|1|158
.consorciofoton.com.br/ Name: nvg64367
Value: 149b4ec2c3ea7dbacae05b065210|0_130
.mathtag.com/ Name: uuid
Value: 3ef5663b-6215-4800-a454-3ae54a07e679
.consorciofoton.com.br/ Name: _fbp
Value: fb.2.1715167764811.1105588222
qas.consorciofoton.com.br/ Name: dinTrafficSource
Value: eyJ1cmwiOiJodHRwczovL3Fhcy5jb25zb3JjaW9mb3Rvbi5jb20uYnIvIiwicmVmZXJlciI6IiJ9

16 Console Messages

Source Level URL
Text
network error URL: https://consent.cookiefirst.com/sites/qas.consorciofoton.com.br-a5ee5a0f-a9d5-4f77-b080-6aaaa4a41a26/version.json?v=1715167762544
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://consent.cookiefirst.com/sites/*.consorciofoton.com.br-a5ee5a0f-a9d5-4f77-b080-6aaaa4a41a26/version.json?v=1715167762544
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://qas.consorciofoton.com.br/
Message:
Refused to execute script from 'https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=88504976067' because its MIME type ('image/png') is not executable.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/364295598058021?v=2.9.155&r=stable&domain=qas.consorciofoton.com.br&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qas.consorciofoton.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://qas.consorciofoton.com.br/
Message:
Access to XMLHttpRequest at 'https://info.bancorandon.com/events' from origin 'https://qas.consorciofoton.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://info.bancorandon.com/events
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
