Submitted URL: https://investircripto.site/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R...
Effective URL: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-p...
Submission: On August 22 via api from US — Scanned from NL

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 30 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is financastop.online.
TLS certificate: Issued by WE1 on July 25th 2024. Valid for: 3 months.
This is the only time financastop.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2a02:6ea0:c70... 60068 (CDN77 _)
4 172.67.145.161 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 192.243.59.12 39572 (ADVANCEDH...)
2 172.67.218.45 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 188.114.97.3 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2 172.67.8.141 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 216.58.206.40 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
30 17
Apex Domain
Subdomains
Transfer
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
510 KB
5 cj2550.com
cdn.cj2550.com
cj2550.com
18 KB
4 financastop.online
blog.financastop.online
financastop.online
12 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 10888
widgets.amung.us — Cisco Umbrella Rank: 19859
752 B
2 blotz.me
blotz.me
2 KB
2 criptobr.online
criptobr.online
2 KB
2 topcreativeformat.com
www.topcreativeformat.com — Cisco Umbrella Rank: 53002 Failed
1 gstatic.com
fonts.gstatic.com
33 KB
1 seriesfxapi.online
seriesfxapi.online
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
68 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 investircripto.site
investircripto.site
2 KB
30 13
Domain Requested by
5 www.googletagmanager.com financastop.online
www.googletagmanager.com
4 cj2550.com cdn.cj2550.com
investircripto.site
3 region1.google-analytics.com www.googletagmanager.com
2 financastop.online 1 redirects
2 blog.financastop.online blotz.me
2 blotz.me criptobr.online
2 criptobr.online investircripto.site
2 www.topcreativeformat.com investircripto.site
criptobr.online
financastop.online
1 fonts.gstatic.com fonts.googleapis.com
1 seriesfxapi.online financastop.online
1 widgets.amung.us financastop.online
1 whos.amung.us 1 redirects
1 cdnjs.cloudflare.com financastop.online
1 fonts.googleapis.com financastop.online
1 cdn.cj2550.com investircripto.site
1 investircripto.site
30 16

This site contains no links.

Subject Issuer Validity Valid
investircripto.site
WE1
2024-07-14 -
2024-10-12
3 months crt.sh
1548164934.rsc.cdn77.org
E5
2024-07-05 -
2024-10-03
3 months crt.sh
cj2550.com
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
criptobr.online
WE1
2024-07-14 -
2024-10-12
3 months crt.sh
topcreativeformat.com
R10
2024-07-18 -
2024-10-16
3 months crt.sh
blotz.me
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
financastop.online
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
seriesfxapi.online
WE1
2024-08-01 -
2024-10-30
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 2 frames:

Primary Page: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Frame ID: E0E9853B0CEC6A0496840BEEF56CDBEE
Requests: 29 HTTP requests in this frame

Frame: https://seriesfxapi.online/tv/37680/1/3/dub
Frame ID: B4694C99FD840F42CC863F166869464E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Investindo em Educação Superior: O Papel dos Estudos Superiores no Desenvolvimento Financeiro e Profissional

Page URL History Show full URLs

  1. https://investircripto.site/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlw... Page URL
  2. https://criptobr.online/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlw... Page URL
  3. https://blotz.me/campanhafinancastop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5... Page URL
  4. https://blog.financastop.online/noticia.php?token=aHR0cHM6Ly9zZXJpZXNmeGFwaS5vbmxpbmUvdHYvMzc2ODAvMS8zL2R1Yg== Page URL
  5. https://financastop.online/noticia.php HTTP 302
    https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

90 %
HTTPS

50 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

648 kB
Transfer

1948 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://investircripto.site/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ== Page URL
  2. https://criptobr.online/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ== Page URL
  3. https://blotz.me/campanhafinancastop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ== Page URL
  4. https://blog.financastop.online/noticia.php?token=aHR0cHM6Ly9zZXJpZXNmeGFwaS5vbmxpbmUvdHYvMzc2ODAvMS8zL2R1Yg== Page URL
  5. https://financastop.online/noticia.php HTTP 302
    https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://whos.amung.us/swidget/criptral78.gif HTTP 307
  • https://widgets.amung.us/small/00/68.png

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redirecttop.php
investircripto.site/
3 KB
2 KB
Document
General
Full URL
https://investircripto.site/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d9b453ef4690a1798e2eb2c4b9c5d25daadacd04af9d2efccdd559d23f062d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b7287857b6d0b54-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 11:30:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXkeW8usC8eai4Mx7PwboU405Ctpm%2FO9ZvSvqTHi6%2FMrwVkPfZ%2BqwDHTnkrrIuc0WEfLbHrihctnWsstDrbgOPVoBKCJxTU3WKJAi3nKp%2FGZSltaBhzCiJqL%2FyIfAkIAoosds9pH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
b568ffb6.js
cdn.cj2550.com/
36 KB
14 KB
Script
General
Full URL
https://cdn.cj2550.com/b568ffb6.js
Requested by
Host: investircripto.site
URL: https://investircripto.site/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7c29dcdaf89190f354489fd9a9f0693fdb2ff51a6a863851c7ec2351c006811d

Request headers

Referer
https://investircripto.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 22 Aug 2024 11:30:11 GMT
content-encoding
gzip
x-accel-date-max
1723027951
x-77-cache
HIT
x-cache
HIT
x-age
261469
x-accel-date
1724064742
x-77-nzt
EgwBqZb/tgH3Xf0DAAwBJRPCMQH3FgAAAA
x-accel-expires
@1725101530
x-77-age
261469
server
CDN77-Turbo
etag
W/"06ebfd2ad4d3ebc7ed088f0b0a47505a3"
x-77-nzt-ray
15b3c711113bb69a4321c76678fa1828
vary
Accept-Encoding
content-type
text/javascript
invoke.js
www.topcreativeformat.com/a58b023bb9daf66d85a84e2b4949ec20/
0
0

zeMl3U4zkFELBk4yX3yMhrjkCq_mGe45R7Rw-jrkOomSrV7yj2PqUjR1sxLmMNtccBtVlt5ovlHInc4shdKlM-eZJLxq9_wPbDyDJwTWSDSLhRy-Q12KhYxI7JGcRWgq3s_Hso5VzcAB30LnfHGTRj_bsLFkEK4yvdFhbkFVfbVGo42636mWAcWbx2IhvSV-sDpTM...
cj2550.com/
737 B
1 KB
XHR
General
Full URL
https://cj2550.com/zeMl3U4zkFELBk4yX3yMhrjkCq_mGe45R7Rw-jrkOomSrV7yj2PqUjR1sxLmMNtccBtVlt5ovlHInc4shdKlM-eZJLxq9_wPbDyDJwTWSDSLhRy-Q12KhYxI7JGcRWgq3s_Hso5VzcAB30LnfHGTRj_bsLFkEK4yvdFhbkFVfbVGo42636mWAcWbx2IhvSV-sDpTMuqW9_rcrqU87XVy5Gdw3vJiiNrYy4ZRu9D5q9Va1ga6S9WXMKQBRBcy3VKC-vvdjEEHZtKGH3fu97Z2BjXcAN485fueTP4cFQL7jUabY5ncldWP_34CMnrUbUT0vdKIqvvoAnZCmebMrNuL-ac2VDTkejFxqUrOOTkpMhS2BhoHawUdOGSmcl13CJ1RJy2gkENqtzl-vTbNYJexgdSEVngNydX8odeAOQnzC6PvqhXIEorXd0cQ7sPK7ZUEXis9dy_RLnz3wx8sPwGtwCuoyqE1ETrDe8wSa5hKIr7a5_oB1GIy1Utu2SmMo7lNJanqJ-B7AfOHfg31iJMbVNIJNQUFK5QkK_6mpXh3-kntbRpRAGbK2SWSj6LLWWUN9-DYEsA62a8J5MoydHH0t9jeqYT4jhvj0WzbjNaJKRUMOHS01U7cXpC-eSgOUV9Fx9GiNNBUsTFuGTnh3lSDKKqEmiwyizDtGcR8TE-8u2w_at_EpProqt3N-gHiJWwOyL5kpjQTwGprZnPxrBBL7rK9YrUMzbqlClDRNoC8fQVrnzRoCaIh5Gqe9KXXxFHBB8HYnUceTMc49Kyopz5pEdWqt2jNv8c2HOGfpzz7jxDZze1y-UAz3WMtSlbpQJPha54NurpP1i7IVB83T8xyZfvy1t3FuQ-NxPWwu46IZvBdfjbB4HSXCKRyNx1K3zSgknq1-0CxTP3rU0XGncDeAZvh8_1VHkVryXZFx1YKRzl9WtgBQRkcN?
Requested by
Host: cdn.cj2550.com
URL: https://cdn.cj2550.com/b568ffb6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a31998f845a4e7a0b9fcd2b1d5151bf337304f1ed506c9f9bfee444a74e680

Request headers

Referer
https://investircripto.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:11 GMT
content-encoding
zstd
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9wj5FkgYm3Cf53pKgG2Jgc3gIQg1a7wmMSfyM7GKow0GFDwy3Z%2BjGgHhLNx6hcciDkIQgb%2Bl1ZeIGOZIrb8lgBbmLK4sOGqzkALdGymNQtrX97VVur%2B1Z1g8fdbE"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://investircripto.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
*
cf-ray
8b7287885d139fa6-AMS
expires
Thu, 01 Jan 1970 00:00:00 GMT
z5_iOe6Ru5hYv9VJda6Qy7KQ3EmpuPc_Eh9u6W3tC3n2esi-EChkL3izvPqjCwjOCc_-45UEVisMh6gCsB72qHkvC6DGFSf_j8aYzoIY8ryKNDnXmztYrRHVT1Cg3F0a6c48IlZD86Po6ofRP9mLtpNF5v4jd_MwpFezmnNdA7r5r4bL9w8tUIC_HNKAd4byi8mEM...
cj2550.com/
737 B
1 KB
XHR
General
Full URL
https://cj2550.com/z5_iOe6Ru5hYv9VJda6Qy7KQ3EmpuPc_Eh9u6W3tC3n2esi-EChkL3izvPqjCwjOCc_-45UEVisMh6gCsB72qHkvC6DGFSf_j8aYzoIY8ryKNDnXmztYrRHVT1Cg3F0a6c48IlZD86Po6ofRP9mLtpNF5v4jd_MwpFezmnNdA7r5r4bL9w8tUIC_HNKAd4byi8mEMlZqR-Y1phyHU6iT4A3zlGuM5LcKV_ah_EqsS612DUrWcVvC9hVp0DVxJsxCvqlSYz45kvU18qsBlrkQmkKp3GTAq8OTatknzjYwvlsJx4oRPp8r-GyM9ZpuwpiRVrZoKyznUnsmItbiTVs1-6_kihufOiM7nmZtXrgu2op2diZbk-mMBW72sW3zJP7A5Mj5UoPNV8lSxPeSW2Oym6RBrX-c9DyAIiFES7zoH6DPvfxx7b6kaiuaGnh1C08wSDMTETyLZaxfGjJYiOPBjZ-07llVTz_eokulCMalY5rYwarNxdFjBY7lV3mj2BoGfBJIZUQulcGSfOdncWq2XvXN6iwOT405Ey3cYHPWglzpOPsXwRRshnOntiySJSEFujUwwrTpxUCgryl55L9edQ0vFzpS1HTXhKdMWm0gJHET0V3w3SuHmviB0vTSREgFPKvf44BQqTNXWlGoK35gwLBy323E6unVPT82YrCqH2vl5lotNe90J8kpi_8AQRrZr6gSprUA6M1jxAk40M_H1skiCC8YW58BNiGcOSzLnmQwHS3YfWV-0Qf4JKAiLpPExtDEfIYCrjGbIaI73eFtlupezKzPOGe8Ze9-PaqVPma76bEBpfNRKnLpxevLzhDwE131qTsTFvivlPZZuRtPuMLRZsBCCM-jRL5f8j0g2vxZi66KgBLVZ9C-a60HevwMsoaveuGH5qfG2-XuH8MGrwTuE4lJgOfUHKtigsPjYjgBe5lMDQhRd?
Requested by
Host: cdn.cj2550.com
URL: https://cdn.cj2550.com/b568ffb6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
531c4819f5dc24cc9351532067ff5df56b82a62717164eb626614fd26a132ede

Request headers

Referer
https://investircripto.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:11 GMT
content-encoding
zstd
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9KLbOBpux0sWIOCvOuSdoBVa4tJSAv%2F8VrJCtVDUsyK%2BAEC6as2pu4e%2B%2FO5o6Uz7jQYyl6PR47223s6NA7ShKIlmEyrZLC7DaaB2V4e%2BCLgbOHE%2FMZGd8pYETS0"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://investircripto.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
*
cf-ray
8b7287885d149fa6-AMS
expires
Thu, 01 Jan 1970 00:00:00 GMT
z3e-9Dnyg7MqSrXQHFE8chxhPKfzM8NPRArmeKDsYYwxTNpDOpJXVF2hC11fj1o1PbmARLs0qUehqIp6_KIayu7PJj_XZWzHFm41yWEHlRSWmugoqMVmEHW3NdGrxf2jZMsiPRO6R46eXLmddFdOfGBlGE4QttgZi2uXESv1g5Mm6PcIBIe4f9MdwGWexxObhFexY...
cj2550.com/
49 B
644 B
Image
General
Full URL
https://cj2550.com/z3e-9Dnyg7MqSrXQHFE8chxhPKfzM8NPRArmeKDsYYwxTNpDOpJXVF2hC11fj1o1PbmARLs0qUehqIp6_KIayu7PJj_XZWzHFm41yWEHlRSWmugoqMVmEHW3NdGrxf2jZMsiPRO6R46eXLmddFdOfGBlGE4QttgZi2uXESv1g5Mm6PcIBIe4f9MdwGWexxObhFexYoK0H5trHUjh2uNTkkKuu6KXLUsRTjE34woZTuDFDreFlID6SaRyifX9yRKVF8rWeaQL_K71aSfb39tbYuE8jD_V-Ig8UgyHHBWUSNpG3xW7PutTLcQXAsZMbK-PFTCokQX4DgATL4n2kE8mjPwu1b8VH4CEKvxTPk353NjHMkVevtXDd1I64eOCkLPUTzXDmc7xL7MNNKMHFSVUKWboloEyxkug9XWRADtrTkljHrf0s5J9uwP--I9QeivmqNqxtk5tWOVHNyiFRGoSVY0-RNYyr2sU2OZR1LBPIBg1k3ZkClnXZZwNtd7lpO02hpwPWUtn7pQ?DC=HZFI
Requested by
Host: investircripto.site
URL: https://investircripto.site/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://investircripto.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=86400
content-length
49
pragma
no-cache
last-modified
Tue, 06 Aug 2024 20:26:10 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
etag
W/"49-1722975970000"
access-control-allow-methods
*
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FO8AAQAu7DStFCvGq%2B%2Fs2xzjDZiGogEdkZnMFS%2FU%2Fbko%2Fy%2BwhuOEKsjWOevh207LE1EKSguh5LhAJ7AkT7F2xa%2BLtGBor6u6JzEnNDRxXOyl57U%2B8nnWEg1S0Ps"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
permissions-policy
*
accept-ranges
bytes
cf-ray
8b7287892e0a9fa6-AMS
expires
Thu, 01 Jan 1970 00:00:00 GMT
zANgzYZyANmHhwfuWsyVP0TMi5X27glsEJxGkAvbIhat46LqrYPTp_U7v-0_SkCQ0uRRG7Xr-4qidCKsTdFQabfmC0GP5N6xtkzIZ9wVkUrDBXFFqUfmO88KX35FtEVgj88LDW5VEdVEoMiEesSS6BraPrNdxNNU5t63KQm-Bk1oZIqDqy1tQZLyRAa6HXo6F4Fu2...
cj2550.com/
49 B
639 B
Image
General
Full URL
https://cj2550.com/zANgzYZyANmHhwfuWsyVP0TMi5X27glsEJxGkAvbIhat46LqrYPTp_U7v-0_SkCQ0uRRG7Xr-4qidCKsTdFQabfmC0GP5N6xtkzIZ9wVkUrDBXFFqUfmO88KX35FtEVgj88LDW5VEdVEoMiEesSS6BraPrNdxNNU5t63KQm-Bk1oZIqDqy1tQZLyRAa6HXo6F4Fu2D4avMGT-QS38gLnbGVTiFLryAipPVWLZ03KgZNnTRo3CcDo-a19UbobLfKwYgLrL9g9_bi57RAuLFTYhEzCEYGUJiufK9Lr_wJ7F5dF-rB5GmeHAovRO1S1deWum7mr_0FR43AguQvboKqSyVUPrLLnDAjil-NMLD57CWIbn9R1FugNHIDE-3DEt-OES5I8ob3MRteHTmkeyLe-xQytcjghqukLyvpmt2jUf75yrxG5BoklmxfqF0XHuHYNMSHZmafv24shRlZOYOitbSP_ZlX0DSrirTpQAoIVqL0z8CoxR3dOzWgCyfHoikJToEvAZEBfx4w?DC=HZFI
Requested by
Host: investircripto.site
URL: https://investircripto.site/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://investircripto.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=86400
content-length
49
pragma
no-cache
last-modified
Tue, 06 Aug 2024 20:26:10 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
etag
W/"49-1722975970000"
access-control-allow-methods
*
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FQMoz2HGa9I%2BZgkeYdMPj5Ztatst8Kl7VufwoFbNn%2B1O%2FEoPI5kVPdCkP4AzfINgmv6iQAoe%2FrJTPpPhNEzdRotCe2YLFi5p8NSRx2rVftH6MzJI4qsIz2HVWVZ"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
permissions-policy
*
accept-ranges
bytes
cf-ray
8b7287892e0c9fa6-AMS
expires
Thu, 01 Jan 1970 00:00:00 GMT
redirecttop.php
criptobr.online/
3 KB
2 KB
Document
General
Full URL
https://criptobr.online/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Requested by
Host: investircripto.site
URL: https://investircripto.site/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b11b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93524172fbd5e337a576b19a1d5ec0252d8d5d3c97b5bf9833d9b548d416e0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://investircripto.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b7287941f861c88-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 11:30:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=edQPc5%2BVYI1y4g3Ikm96m9uMvcLmUAzfPfFPrL21zmRHePY%2F2v44%2BYv5gDK0ws4o3CZ5M%2BKI8DYj0d69sbeizBYTvLpd5y3pEfYfV4BOV%2BD62%2FsvUPmamprvtuId9h8NHi9G5upetJZcOvZBMSo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
invoke.js
www.topcreativeformat.com/d996726f688c39935598253b501a6aab/
0
0
Script
General
Full URL
https://www.topcreativeformat.com/d996726f688c39935598253b501a6aab/invoke.js
Requested by
Host: criptobr.online
URL: https://criptobr.online/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://criptobr.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 22 Aug 2024 11:30:14 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
www.topcreativeformat.com/deb17c7af297b9ec209bcd9bf28d2086/
0
0
Script
General
Full URL
https://www.topcreativeformat.com/deb17c7af297b9ec209bcd9bf28d2086/invoke.js
Requested by
Host: criptobr.online
URL: https://criptobr.online/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://criptobr.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 22 Aug 2024 11:30:14 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
favicon.ico
criptobr.online/
552 B
491 B
Other
General
Full URL
https://criptobr.online/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b11b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://criptobr.online/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:14 GMT
content-encoding
zstd
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJ4CsYvfWJ06MvzhLG2Gn5rRGwgJ2l%2Bpi42XP258kn272Vi%2F7Nnro2CrdfZfUTZ5X1LkEp2vnC0KdNc2zjbkThXWuRJ671w4ZCT7fP1%2BlcEl%2BJeStxtaIQlFBHqaCCVfVgrbLJQ%2BXxHJEMTQTRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b72879a38471c88-AMS
alt-svc
h3=":443"; ma=86400
campanhafinancastop.php
blotz.me/
3 KB
2 KB
Document
General
Full URL
https://blotz.me/campanhafinancastop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Requested by
Host: criptobr.online
URL: https://criptobr.online/redirecttop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f3f784beb8be1cd28b72d78bf990dbd18e270fe4d82a158adb9ec328f7039bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://criptobr.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b72879b69cf0a5f-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 11:30:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuZJGjewmSAQ7NhCo27LTJNVk9OiEyCIpZXkFCb7YgIWk3xT2r9vIFasdl0Zez6fbU5p4oSZkqVTCkmehkJ0uSj39NXUtkG95J6hGAFST%2Fy2tOt5ImVrhSy4Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
favicon.ico
blotz.me/
552 B
575 B
Other
General
Full URL
https://blotz.me/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

Referer
https://blotz.me/campanhafinancastop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:15 GMT
content-encoding
zstd
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4axy274LaZwk8Gxvmu55Tsl4siGPTv0GrOS%2Bv8ndZe5r%2Bto7bBmXXdTbVofQhxx%2BGQ9ujiVxy7VAvruo8ScNl6KWqVuzIr5IvDvXnJ9bQYbeVPUPweQzQ9qRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b72879c8ae50a5f-AMS
alt-svc
h3=":443"; ma=86400
noticia.php
blog.financastop.online/
453 B
894 B
Document
General
Full URL
https://blog.financastop.online/noticia.php?token=aHR0cHM6Ly9zZXJpZXNmeGFwaS5vbmxpbmUvdHYvMzc2ODAvMS8zL2R1Yg==
Requested by
Host: blotz.me
URL: https://blotz.me/campanhafinancastop.php?auth=eyJ1cmwiOiJodHRwczpcL1wvc2VyaWVzZnhhcGkub25saW5lXC90dlwvMzc2ODBcLzFcLzNcL2R1YiIsInR5cGUiOiJpZnJhbWUiLCJjYyI6IiIsImJhY2siOiJodHRwczpcL1wvc2VyaWVzZmxpeHR2Mi5tZVwvZXBpc29kaW9zXC9ob21lbnMtZGUtdGVybm8tMXgzXC8ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blotz.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b72879eca370bd1-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 11:30:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyrtX3KGcGtrr%2BEV1yTBSHx%2FXEualfrhtEhdbUXI79SsLu5XRdg6EdM5XCENxusuRj0hy42qipJVkyyuGmDS4PKGOlcNsYE7ZigH1moZ%2BlerCPHVsI2xpQiKs5XY6xm3adkmdqdAdzKlCos4%2FTHDijQ2dKkxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Primary Request investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
financastop.online/
Redirect Chain
  • https://financastop.online/noticia.php
  • https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
32 KB
10 KB
Document
General
Full URL
https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ac0638c074a767a2729a9c764eed71ed37ac04fc74a6796a0c487893386e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://blog.financastop.online
Referer
https://blog.financastop.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b7287a0f9796729-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 11:30:15 GMT
link
<https://financastop.online/wp-json/>; rel="https://api.w.org/", <https://financastop.online/wp-json/wp/v2/posts/159>; rel="alternate"; title="JSON"; type="application/json", <https://financastop.online/?p=159>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXm6xAs6eKF8tUKbwEe0nVFxruVF6FSSdy9GpsBaOEuJrSNZ6DIiimkHxJWC8tuq9jLUw%2BQJjDZ1%2BX6%2FG70DyDm1%2FrJ50tHAAWcbEkvqagSJwqRD3LXzRXe0qOU4AY2w6xjJLQ4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pingback
https://financastop.online/xmlrpc.php
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b7287a048b36729-AMS
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 11:30:15 GMT
location
https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrdJlOQ6qlBRn1%2FG232oM%2BWnwuUZWmHpN6QxhUd9pjU%2Fwt0enpsLu4U6a4ee1ytRHfRpHi7mFraZOaHqPTOW1zs3stiA2SC7pHC3KjYaRhj3tKOmB0k%2Fc0cIL5KiS7DyLeOXdmE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
favicon.ico
blog.financastop.online/
552 B
480 B
Other
General
Full URL
https://blog.financastop.online/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://blog.financastop.online/noticia.php?token=aHR0cHM6Ly9zZXJpZXNmeGFwaS5vbmxpbmUvdHYvMzc2ODAvMS8zL2R1Yg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:15 GMT
content-encoding
zstd
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROkJ5NsanvRgAkgCmSmSD2AWfc4ibqqPK0RGQSuwPKaFNlsVJXEImBVJ7nBychZqdJndsB3nhABke1wE29TYFY%2FvuyGa%2FxErvMZYjrUBNdxsE6Tlx65K%2Bs20yAK7QwBj%2FrV2wfmf%2FgwqfwjcYg7AuIObCjCh2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b72879fdb790bd1-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90X8WT50PJ
Requested by
Host: financastop.online
URL: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2c0c7cd6ebb024b8dac5b623ee757b52454724f9a7d5d6ceb8eaf2e366b4c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104356
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Aug 2024 11:30:16 GMT
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9T5S3EW81E
Requested by
Host: financastop.online
URL: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26aa49b4b7082da2eac2efe7f58b419b62688df8d2e0393248e10d3fb38d38b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Aug 2024 11:30:16 GMT
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GKL0X3XJZS
Requested by
Host: financastop.online
URL: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b98a1f9a2a4f069aa9c5c8dc4b8f5cb9ac1b4233251e8ce2444f267a65e8d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104358
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Aug 2024 11:30:16 GMT
css
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,100,100italic,300,300italic,400italic,500,500italic,700italic,700,900,900italic
Requested by
Host: financastop.online
URL: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd5c7305b2c5359d93297c767a6335e4338653c82c2c0adb37a511b9a2fbec07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Aug 2024 11:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 11:30:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Aug 2024 11:30:16 GMT
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
274 KB
68 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js
Requested by
Host: financastop.online
URL: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
653301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
69049
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-4472c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KS2%2BKnijG%2BKdgSx0TwxsYp3wp8VKUMiumm%2Fx74pXx5IhZBJV6ymSicuyX2srMQ6Zc2FQtPX1V8aZo2TveRyBTCFbo59z1BXyvzdOAFJYfmNGeKiOwEF6s%2F9Qe5yBs5nF%2FVdxLGSU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b7287a248631c1d-AMS
expires
Tue, 12 Aug 2025 11:30:16 GMT
invoke.js
www.topcreativeformat.com/f6e5d98929407bafac9336fdbdb56712/
0
0

68.png
widgets.amung.us/small/00/
Redirect Chain
  • https://whos.amung.us/swidget/criptral78.gif
  • https://widgets.amung.us/small/00/68.png
318 B
529 B
Image
General
Full URL
https://widgets.amung.us/small/00/68.png
Requested by
Host: financastop.online
URL: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Protocol
H3
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d162307155789ae4acabee6aac45e18e193322f9ae0ea3ec0f2c738cf811da

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:16 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:48:29 GMT
server
cloudflare
age
580108
etag
"4c14a96d-13e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b7287a3aaec1c78-AMS
alt-svc
h3=":443"; ma=86400
content-length
318
expires
Fri, 16 Aug 2024 18:21:48 GMT

Redirect headers

date
Thu, 22 Aug 2024 11:30:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=UTF-8
location
https://widgets.amung.us/small/00/68.png
cache-control
no-cache, no-store, must-revalidate
cf-ray
8b7287a2596c1c78-AMS
alt-svc
h3=":443"; ma=86400
dub
seriesfxapi.online/tv/37680/1/3/ Frame B469
0
0
Document
General
Full URL
https://seriesfxapi.online/tv/37680/1/3/dub
Requested by
Host: financastop.online
URL: https://financastop.online/investindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://financastop.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b7287a3aedfb764-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 11:30:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhIxMFOkZJ6hyB%2BR1ixJdQV2G59EJm2y8m%2FZV2de%2BvGA3DiiwCV0wZH2Asi8%2B449sNN8Um5X1NsPoo0VRu65bOUNHfgrggKD8BcVSKpQE2jaoHewx2YElS3t1EuvCpo80Xw75vkBayeWzMSak2EI8MI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,100,100italic,300,300italic,400italic,500,500italic,700italic,700,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://financastop.online
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:47:59 GMT
x-content-type-options
nosniff
age
160937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:47:59 GMT
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90X8WT50PJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9T5S3EW81E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ecfcc4ac0e42e23a06e59e2989113f3dc19b345d9ff949006a3ce34db8c63da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Aug 2024 11:30:16 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9T5S3EW81E&gtm=45je48j0v9186093304za200&_p=1724326216025&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=379958252.1724326216&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724326216&sct=1&seg=0&dl=https%3A%2F%2Ffinancastop.online%2Finvestindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional&dr=https%3A%2F%2Fbing.com&dt=Investindo%20em%20Educa%C3%A7%C3%A3o%20Superior%3A%20O%20Papel%20dos%20Estudos%20Superiores%20no%20Desenvolvimento%20Financeiro%20e%20Profissional&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=800
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9T5S3EW81E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 11:30:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://financastop.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GKL0X3XJZS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9T5S3EW81E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
282f183eab898135b6152da9090fa849bc74f7f8aa4933890c4830d8dbb74845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:30:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104274
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Aug 2024 11:30:16 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-90X8WT50PJ&gtm=45je48j0v9182994348za200zb9186093304&_p=1724326216025&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=379958252.1724326216&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724326216&sct=1&seg=0&dl=https%3A%2F%2Ffinancastop.online%2Finvestindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional&dr=https%3A%2F%2Fbing.com&dt=Investindo%20em%20Educa%C3%A7%C3%A3o%20Superior%3A%20O%20Papel%20dos%20Estudos%20Superiores%20no%20Desenvolvimento%20Financeiro%20e%20Profissional&en=page_view&_fv=1&_ss=1&_ee=1&tfd=884
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-90X8WT50PJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 11:30:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://financastop.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GKL0X3XJZS&gtm=45je48j0v9186093955za200zb9186093304&_p=1724326216025&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=379958252.1724326216&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724326216&sct=1&seg=0&dl=https%3A%2F%2Ffinancastop.online%2Finvestindo-em-educacao-superior-o-papel-dos-estudos-superiores-no-desenvolvimento-financeiro-e-profissional&dr=https%3A%2F%2Fbing.com&dt=Investindo%20em%20Educa%C3%A7%C3%A3o%20Superior%3A%20O%20Papel%20dos%20Estudos%20Superiores%20no%20Desenvolvimento%20Financeiro%20e%20Profissional&en=page_view&_fv=1&_ss=1&_ee=1&tfd=971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKL0X3XJZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://financastop.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2024 11:30:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://financastop.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.topcreativeformat.com
URL
https://www.topcreativeformat.com/a58b023bb9daf66d85a84e2b4949ec20/invoke.js
Domain
www.topcreativeformat.com
URL
https://www.topcreativeformat.com/f6e5d98929407bafac9336fdbdb56712/invoke.js

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer function| sortearUrl string| ref function| $ function| jQuery function| i_need_ads function| setCookie function| getCookie function| definirCookie function| _0x331b function| _0x1131 object| atOptions object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

7 Cookies

Domain/Path Name / Value
.cj2550.com/ Name: UUID
Value: 4854a135-3b66-5596-9237-0cc957e01dda
financastop.online/ Name: t
Value: aHR0cHM6Ly9zZXJpZXNmeGFwaS5vbmxpbmUvdHYvMzc2ODAvMS8zL2R1Yg%3D%3D
financastop.online/ Name: exemploCookie
Value: valorQualquer
.financastop.online/ Name: _ga
Value: GA1.1.379958252.1724326216
.financastop.online/ Name: _ga_9T5S3EW81E
Value: GS1.1.1724326216.1.0.1724326216.0.0.0
.financastop.online/ Name: _ga_90X8WT50PJ
Value: GS1.1.1724326216.1.0.1724326216.0.0.0
.financastop.online/ Name: _ga_GKL0X3XJZS
Value: GS1.1.1724326216.1.0.1724326216.0.0.0

5 Console Messages

Source Level URL
Text
network error URL: https://www.topcreativeformat.com/d996726f688c39935598253b501a6aab/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://www.topcreativeformat.com/deb17c7af297b9ec209bcd9bf28d2086/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://criptobr.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://blotz.me/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://blog.financastop.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.financastop.online
blotz.me
cdn.cj2550.com
cdnjs.cloudflare.com
cj2550.com
criptobr.online
financastop.online
fonts.googleapis.com
fonts.gstatic.com
investircripto.site
region1.google-analytics.com
seriesfxapi.online
whos.amung.us
widgets.amung.us
www.googletagmanager.com
www.topcreativeformat.com
www.topcreativeformat.com
104.17.25.14
172.67.145.161
172.67.218.45
172.67.8.141
188.114.96.3
188.114.97.3
192.243.59.12
2001:4860:4802:34::36
216.58.206.40
2606:4700:3034::ac43:8347
2606:4700:3036::ac43:b11b
2a00:1450:4001:80e::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:829::200a
2a02:6ea0:c700::112
2a06:98c1:3120::3
23ac0638c074a767a2729a9c764eed71ed37ac04fc74a6796a0c487893386e5a
26aa49b4b7082da2eac2efe7f58b419b62688df8d2e0393248e10d3fb38d38b4
282f183eab898135b6152da9090fa849bc74f7f8aa4933890c4830d8dbb74845
2b98a1f9a2a4f069aa9c5c8dc4b8f5cb9ac1b4233251e8ce2444f267a65e8d4b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
531c4819f5dc24cc9351532067ff5df56b82a62717164eb626614fd26a132ede
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
73d162307155789ae4acabee6aac45e18e193322f9ae0ea3ec0f2c738cf811da
7c29dcdaf89190f354489fd9a9f0693fdb2ff51a6a863851c7ec2351c006811d
7d9b453ef4690a1798e2eb2c4b9c5d25daadacd04af9d2efccdd559d23f062d5
93524172fbd5e337a576b19a1d5ec0252d8d5d3c97b5bf9833d9b548d416e0cd
9f3f784beb8be1cd28b72d78bf990dbd18e270fe4d82a158adb9ec328f7039bc
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
b9a31998f845a4e7a0b9fcd2b1d5151bf337304f1ed506c9f9bfee444a74e680
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd5c7305b2c5359d93297c767a6335e4338653c82c2c0adb37a511b9a2fbec07
ecfcc4ac0e42e23a06e59e2989113f3dc19b345d9ff949006a3ce34db8c63da6
f2c0c7cd6ebb024b8dac5b623ee757b52454724f9a7d5d6ceb8eaf2e366b4c06