urlscan.io logo urlscan.io
SecurityTrails logo

www.financeiramente.online Open in urlscan Pro
2606:4700:3035::681b:a8eb  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.financeiramente.online/
Submission: On January 12 via api from BR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 16 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3035::681b:a8eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.financeiramente.online.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 20th 2020. Valid for: a year.
This is the only time www.financeiramente.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

22    2606:4700:3035::681b:a8eb (United States)

ASN13335 (CLOUDFLARENET, US)
www.financeiramente.online
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:20::ac43:478e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sendwebpush.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
www.googletagservices.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
22 www.financeiramente.online www.financeiramente.online
4 fonts.gstatic.com fonts.googleapis.com
4 pagead2.googlesyndication.com www.financeiramente.online
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.facebook.com www.financeiramente.online
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.financeiramente.online
connect.facebook.net
2 cdn.sendwebpush.com www.financeiramente.online
2 www.google.com www.financeiramente.online
www.gstatic.com
1 pixel.wp.com www.financeiramente.online
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.gstatic.com www.google.com
1 stats.wp.com www.financeiramente.online
1 fonts.googleapis.com www.financeiramente.online
1 cdn.ampproject.org www.financeiramente.online
1 www.googletagmanager.com www.financeiramente.online
54 20

This site contains links to these domains. Also see Links.

Domain
policies.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-20 -
2021-07-20		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.financeiramente.online/
Frame ID: A67816BD56FBDF8EC0CB1DF43417A1B8
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/zrt_lookup.html
Frame ID: 4E0E07F79D495E540A6B77A5CAECA0AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8458422285643765&output=html&adk=1812271804&adf=3025194257&lmt=1610448126&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.financeiramente.online%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610448126160&bpp=12&bdt=579&idt=83&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5800900854629&frm=20&pv=2&ga_vid=1282559499.1610448126&ga_sid=1610448126&ga_hid=206891291&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068946&oid=3&pvsid=1800185815704192&pem=15&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=99
Frame ID: C487BEC4AF5418F929D89AFF4C23CBED
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOYsUUAAAAAB7gZqI7oERd09wkLJgyorLIuhlU&co=aHR0cHM6Ly93d3cuZmluYW5jZWlyYW1lbnRlLm9ubGluZTo0NDM.&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&cb=xtmkjr5taf1h
Frame ID: 1999E8F24C711024BB2437CE6C563696
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: DA32C0D2C1D2FF21850F88709D28DE2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

54
Requests

100 %
HTTPS

88 %
IPv6

16
Domains

20
Subdomains

16
IPs

3
Countries

1160 kB
Transfer

2309 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.financeiramente.online/ 		68 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63de54822cde82134d8bbffc4a34c04efcb40c4605bb5a124032f56a651016a

Request headers

:method
GET
:authority
www.financeiramente.online
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8e5e5b2f252888eac40965a0f0a58f1e1610448125; expires=Thu, 11-Feb-21 10:42:05 GMT; path=/; domain=.financeiramente.online; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding,Cookie
cache-control
max-age=3600, must-revalidate
hummingbird-cache
Served
cf-cache-status
DYNAMIC
cf-request-id
0797c9553700002bc6818ea000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jmlhZI%2BkPGmFa967V0Yjlwl3prLTHGoUT9l0k%2F9ywNC1gHE6FCP8EQQYDuJxDtXjkOKfraoRZG8CLaoFIVo5jpi6%2F6eDnBMZnvlC37Tl0XU8MWe9eRRWty2EOHWgqyEYajbH4HZIUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
610644ceb9c32bc6-FRA
content-encoding
br
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153520834-1
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22964d5d6b9a486c8773e1ea4e71b46a10ec461c76a1789aff1d4b544879c552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38965
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Jan 2021 10:42:05 GMT
api.js
www.google.com/recaptcha/ 		884 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdOYsUUAAAAAB7gZqI7oERd09wkLJgyorLIuhlU
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7367011af9bb53fb9c0219224238b1e3407c675e1ec3884c2d734c20ed6d0863
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Tue, 12 Jan 2021 10:42:05 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7949c64b96087bc7561120b86ef37bab3bb869e433978a494813d09bf372be72
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19546
x-xss-protection
0
server
sffe
date
Tue, 12 Jan 2021 10:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"1a55fda82a7a843b"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jan 2021 10:42:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c908a287be5297337a4516cf899eca2023de83254ae4edbbcbc5a0fec68e4cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47588
x-xss-protection
0
server
cafe
etag
16364074688873936899
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Jan 2021 10:42:06 GMT
style.min.css
www.financeiramente.online/wp-includes/css/dist/block-library/ 		52 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-includes/css/dist/block-library/style.min.css?ver=5.4.4
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Apr 2020 19:57:12 GMT
server
cloudflare
etag
W/"d159-5a4735aaa11f7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9qVGe1FF86WU1atSk%2FsbW2%2FDI5lXyMfD5J0l%2BJ3SGRbqx21R9nXBDTcbSlP3zwH%2FxEQd1rPPPr2mZpij3qDwSkpbeFk%2F6Wo1ik2DzWNGI2vowkcnemCArMeLwA6GlJ7NkMzK0GY%2Bpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d0ef392bc6-FRA
cf-request-id
0797c9568f00002bc63f8f8000000001
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e501dc5bc5ffef634495288516458c424abd0091c3a9f1ec3d19e9df42d00a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 10:42:05 GMT
server
ESF
date
Tue, 12 Jan 2021 10:42:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jan 2021 10:42:05 GMT
min.css
www.financeiramente.online/wp-content/themes/herald/assets/css/ 		212 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-content/themes/herald/assets/css/min.css?ver=2.1.2
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a472c57f7dfdc21ad33654aab3633267329264ac57406da86b69696b5cd9140

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Nov 2019 19:29:08 GMT
server
cloudflare
etag
W/"34f76-59844e4d64900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sdgMNG7IXa8cml3WX2sj3d7Jvbej%2FLMJs4Tg8DVJsgLccCdA0S4BZvUsL2Xy13aa0b0Im0LQk7J3AqaqdYNQCvLNcw0zOA79mYsW9lujnFDWlnxvOL4U%2FDLRI6jXmF%2B%2FRdZN54tQvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d0ef3b2bc6-FRA
cf-request-id
0797c9568f00002bc671bc4000000001
jetpack.css
www.financeiramente.online/wp-content/plugins/jetpack/css/ 		74 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-content/plugins/jetpack/css/jetpack.css?ver=8.7.1
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62c5e4f73e2790691b899a501ef20d9ba0f12f64d24c1fdc7d67705dea112e9

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Jul 2020 17:08:27 GMT
server
cloudflare
etag
W/"12730-5ab979aadd796-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vYZWgCTwYu1i1dsa%2FLb5wlqQI5E8G4ssUPtS%2F2J0sqUv82zIKTIAOTsrZNAJy4gakEcMbjcN%2BRHQpmRJJJ1L5cxo7%2FrzszchB9T8EizfOdRo6%2F2T%2BTChm9bsxkVTch2Eohzg26wVgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d0ef3c2bc6-FRA
cf-request-id
0797c9569000002bc643080000000001
jquery.js
www.financeiramente.online/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
cloudflare
etag
W/"17a69-5890dc7401880-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y9o919BHj0saVF0fhfrivHZO9lvgWnPSGbTcOvezD2iu%2FTDJBa4uNXc3lIEqugBShO3Tv0%2BCyGuVQAODCIXXKrqCQjbUNnu%2BvqjBI%2F0d7yccrdQF6ki9nI9pw%2BQ%2BTC6AswMx3YQ75w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d0ef3d2bc6-FRA
cf-request-id
0797c9569000002bc666a92000000001
jquery-migrate.min.js
www.financeiramente.online/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
cloudflare
etag
W/"2748-5333ff613c400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=96MM8G1u%2FXsxqS953IVbGoWN8TML1zQmdwZ9grQfiLoTf6R3sDSXm5m%2BPqVhx3%2BSB7VAA537pOnx%2Bz9FQk%2BhcA2Q0Rk5fy0mzXKDCxZmvLvOv%2Bth8UJIaD0DP1zQ8RkVML5H%2F0JgdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d0ef412bc6-FRA
cf-request-id
0797c9569100002bc6478b3000000001
check_min.js
www.financeiramente.online/wp-content/plugins/cfmonitor/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-content/plugins/cfmonitor/js/check_min.js?ver=5.4.4
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfd81d767cf94f0cb3f078a30a8136ba6fba011e0568ee9f8f0ba2a1785e037c

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Jul 2020 17:08:23 GMT
server
cloudflare
etag
W/"3154-5ab979a7b6529-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gGWw%2F4dihUJhD6iuSBvjpknUz%2F1z%2BlDlurow1xGDJ%2FpuCqPVjUjfqN3sDDuPRAfXPDTq6XIxDbdv4zZMYhjX1ThK%2Fn6eY45S1%2FoJZ90r7KRRpJVw4leWbXOT4JZ2y26kVoUt30irHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d0ef432bc6-FRA
cf-request-id
0797c9569000002bc68190c000000001
5e00b4d830f1e_6.js
cdn.sendwebpush.com/client_services/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendwebpush.com/client_services/5e00b4d830f1e_6.js
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:478e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
5f536644c5783_154.js
cdn.sendwebpush.com/adsendwebpush/client_services/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendwebpush.com/adsendwebpush/client_services/5f536644c5783_154.js
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:478e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
cartao-hipercard-guia.webp
www.financeiramente.online/wp-content/uploads/2020/08/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/08/cartao-hipercard-guia.webp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ed3434d749e853f0ff8116209a7edb8387df525afed2ce8c05aeaa9b5af5a1

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
last-modified
Sun, 29 Nov 2020 00:06:25 GMT
server
cloudflare
age
136
etag
"4454-5b533aa15f86a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rxe8Kk0STJmarJw5yYPQHn%2FK86nac8pMGDoAgEoFYnNQsN%2FS%2B4uj0erjxPXtbkJ30RJ36OmCEWe4xLWol8m6b8ViqsPV%2F8XLkn%2BJwwFYo%2BOWOIyxO7SSFzBJK6MnC0r7HCL6D4Jv3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d39cc92bc6-FRA
content-length
17492
cf-request-id
0797c9583d00002bc684bc4000000001
top-melhores-carto%CC%83es-de-credito-sem-anuidade.jpg
www.financeiramente.online/wp-content/uploads/2020/06/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/06/top-melhores-carto%CC%83es-de-credito-sem-anuidade.jpg
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b1340ae6791dd21abb3d27b0f89be471ea1a81e7c92ce4ce1e404cdfa91810

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
136
content-length
53222
cf-request-id
0797c9583d00002bc682165000000001
last-modified
Fri, 12 Jun 2020 11:40:52 GMT
server
cloudflare
etag
"cfe6-5a7e18ca2d6a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=av%2BR2qgemRGIiik%2FpMhUHgLbbtUn%2FUkq4uiUYwG569ZINhpbrLDV44eCj8%2FXXvfOVC8zd1yz3vnWOwuTT1nFCULVkKg1qBN4koV%2FMGV2bCpS4shU0tgjoeHRDnmg7%2BpbTxfEzQNQgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
610644d39ccc2bc6-FRA
Consulta-CPF.webp
www.financeiramente.online/wp-content/uploads/2020/05/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/05/Consulta-CPF.webp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f528813092bc1c62393bc3f814bcda8057251f658dd8cd5e4254ed5d3ef45e4

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 12 Jun 2020 11:32:54 GMT
server
cloudflare
age
137
etag
"20f8-5a7e1702167fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q29ziNvpw0xsu63g17cWGjjXbLhEVacIpFaM5zxkxomhdGwtnvLhIPqaGxGwGMf7p3XexCQrx4jNncQPMyZx46sqmKo7RB4Rr3IuCXXxSqmFtMhWl%2FKv4z5A4NpnIerzXhv7ClNxpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d39ccd2bc6-FRA
content-length
8440
cf-request-id
0797c9583e00002bc63d12a000000001
Cartao_do_cidadao_01.webp
www.financeiramente.online/wp-content/uploads/2020/05/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/05/Cartao_do_cidadao_01.webp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec93f45ed7baac2113d2b78a5d470047985933fe88a258ad47d715861c157901

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
last-modified
Sat, 02 May 2020 14:03:01 GMT
server
cloudflare
age
137
etag
"49b4-5a4aac1842f84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qJEwIGKWuKQB5S%2BFjlj%2F1zV0e7XRYpRaqUE6YZu%2FwSBGVfc9WFrpMib10vl2zOoe9SQrGWvLwtOjZC%2FitKt%2F%2FZhRqVBoDKmxCjlaMnE7SexuzYaIOBTLDE9vX6q1VUuwLCS4gGJiyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d39cce2bc6-FRA
content-length
18868
cf-request-id
0797c9583e00002bc68d158000000001
bolsa-fami%CC%81lia-2020.jpg
www.financeiramente.online/wp-content/uploads/2020/04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/04/bolsa-fami%CC%81lia-2020.jpg
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c13ddba26c6b7e2049c433480881d615aa7d35cc37a8ba178923eaafa943b0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
137
content-length
21619
cf-request-id
0797c9583e00002bc666ab9000000001
last-modified
Sat, 02 May 2020 12:46:25 GMT
server
cloudflare
etag
"5473-5a4a9af9657f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vmJE7f%2BxaiMv%2FLTCiR5MoBK%2Fv0ddWVDudKB0%2BtLYevk6prAl38oKvN6Whr20sSYEKv%2Brjn8meR9YfK19%2BFi%2Fedso7NPXX2JmAbHBFy7icdoFHymXp9muGbGpbc20%2BgfxBTjbGVsKAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
610644d39ccf2bc6-FRA
FGTS-1024x654-1.webp
www.financeiramente.online/wp-content/uploads/2020/04/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/04/FGTS-1024x654-1.webp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
566d5b01c7919ba7bbab431732abe18feb85fb0ce4244024afc6889e5460b4f6

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Apr 2020 00:38:22 GMT
server
cloudflare
age
137
etag
"dbc-5a385e20d7603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rs5PGZ411mhb5d66jOeCmzqsvz%2FNHwqRaa%2BdtvtBy5ix4qpYi1iLJhyrNPsjoO%2FVVmH55cKBkuhHpyF%2BWq1I2JnziC5L0TfY7W4eH317UVeQmax3LVMXIRio2L31ckzDkI81AC1eFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d39cd12bc6-FRA
content-length
3516
cf-request-id
0797c9583f00002bc642ae1000000001
tesouro-nacional.webp
www.financeiramente.online/wp-content/uploads/2020/03/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/03/tesouro-nacional.webp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3ab1899804b1f546f94bb7901fd25de28c317e0b9577fffe41e481a84c4bb6

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Mar 2020 10:21:28 GMT
server
cloudflare
age
137
etag
"5b44-5a0b9d519c3b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qwoo8Z%2BTyqGuWjTGw%2FqYdK9PnvC9ef4e8kh33exEV6EQ7GvnzMJsYfHQ%2FEahaq2dEJZUnuteecJbhLzzGYljRJG0Nw2Gd4%2Ftv6vBF%2BrOvasTqs1NQM4L0X1mcoCZEVkmvwQGaYSz5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d39cd32bc6-FRA
content-length
23364
cf-request-id
0797c9583f00002bc632bdd000000001
3_otimas_maneiras_de_ganhar_dinheiro_rapido.webp
www.financeiramente.online/wp-content/uploads/2020/02/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/02/3_otimas_maneiras_de_ganhar_dinheiro_rapido.webp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
811d8c93110ff875be446b5900ac840ecec5dae95d07dd8569eb4098457b9fb2

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Mar 2020 10:17:20 GMT
server
cloudflare
age
137
etag
"6944-5a0b9c65468a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LvH9qMoSRDwwEoDvXbwLrkk%2Fqryr4xkMypoSTqWrDTNFSTg9Of1h%2B4SISET19cMTTKs%2BfRkr2%2BqeTOuK%2Fs5V2PflAw3GD2hZCmp7cnvyiCWjGeeHgcOScDUpqN8RSew9XOAd68ciPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d39cd42bc6-FRA
content-length
26948
cf-request-id
0797c9583f00002bc67b0ef000000001
aumento-de-limite-de-cartao-2.webp
www.financeiramente.online/wp-content/uploads/2020/02/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/02/aumento-de-limite-de-cartao-2.webp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a35858ff08f28504956908d90221932be85dbaeb1b53209b7c4eca6a428c6d

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Feb 2020 19:30:53 GMT
server
cloudflare
age
137
etag
"39f8-59f6b86b049fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bMr4U0eCunw4bWWZHTdP7pXn1DiBT4nyBLE82qJx4Y%2FNriKiG9zEULS2NmSbGflTqdpSNQEbbAHfBLAcEhC66ibGkGkno7sUB5cC5Gal0%2F0llMyEfOu0QkPLLdeTkxH98R2kuSI%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d39cd72bc6-FRA
content-length
14840
cf-request-id
0797c9583f00002bc688b7d000000001
images-1.webp
www.financeiramente.online/wp-content/uploads/2020/02/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.financeiramente.online/wp-content/uploads/2020/02/images-1.webp
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4540a801caf90e743647e6719dfb33b657642c2921a3a5bc5554e15b7fedf734

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 10:59:35 GMT
server
cloudflare
age
137
etag
"6938-59dd20d490ab2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aTU6eNoPvkwfeNzpO%2BXdw460D%2BEMIrrqjpOtTrcaeLeA64o%2BQjoBTadG%2Bxg5fNVhl3eFDN5hO89o7eS15GmwgX6XjihpMFP3GeoM42Sp%2BqWBoMcH6QgsiyOFsjtaxkUboOPzkDF1yw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d39cd82bc6-FRA
content-length
26936
cf-request-id
0797c9583f00002bc669883000000001
min.js
www.financeiramente.online/wp-content/themes/herald/assets/js/ 		94 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-content/themes/herald/assets/js/min.js?ver=2.1.2
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf8b786e6d8defa3162cbcbb60165fccbd7af5dbbb89c98774b6683b5db37a15

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Nov 2019 19:29:08 GMT
server
cloudflare
etag
W/"17913-59844e4d64900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W6lHVkxip6UFtvbnSslnXwiQDuDZTI5kSgjoka0UGyj2UyXlXZwCDncEtEmeHDs%2Btpfdp%2FNwneagc3Xm%2Bq4ChkigHUXTqcdh6I87YWEoFDXr2%2FZnBLE019P0yavjmkyedAVk7Uh2ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d36c892bc6-FRA
cf-request-id
0797c9582500002bc62a009000000001
wp-embed.min.js
www.financeiramente.online/wp-includes/js/ 		1 KB
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-includes/js/wp-embed.min.js?ver=5.4.4
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 11 Apr 2020 20:10:48 GMT
server
cloudflare
etag
W/"59a-5a30972216aa3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yMwyhW89sAF0GZVJR9NVC3qq1z7llWY9XvyylGxCJ%2Ba5XW38piHLMjPbN0bFaqLYyjXyAnCd3gfiR3yQRqqdC6KeuLD4qmVvT3VHoSXE2cWaWexK2bec1GYyT12a0HTZB5fWE4VmKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d37c932bc6-FRA
cf-request-id
0797c9582700002bc62baa3000000001
e-202049.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202049.js
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams
date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 28 Nov 2021 23:20:46 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 		334 KB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdOYsUUAAAAAB7gZqI7oERd09wkLJgyorLIuhlU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.financeiramente.online
Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:10:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Dec 2020 23:05:51 GMT
server
sffe
age
1923
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341608
x-xss-protection
0
expires
Wed, 12 Jan 2022 10:10:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		90 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23366
x-fb-rlafr
0
pragma
public
x-fb-debug
X4zlTxhSjmGcfetaDzzE0uzXp/QMDfBgKJVaOJjmZLw8cG44L4ezWaan6E6rozPDFDL+hIaV/E6l/3gC6ckAoA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 12 Jan 2021 10:42:06 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
wp-emoji-release.min.js
www.financeiramente.online/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-includes/js/wp-emoji-release.min.js?ver=5.4.4
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 11 Apr 2020 20:10:48 GMT
server
cloudflare
etag
W/"364d-5a3097220ce62-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pT2QZlrBgRkjuBfsPtJmYs1dvCbQ6dBbV6SODOEtqiX80mYLMOtmXLNNLguYKiFNL6bRyKBKYQ7LTF1lsbzfiTGW3bMvaP8PPp7l9FbxCusGiWvhtGPXwMrqYcHSz%2FCG7CbveQO3SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
610644d39cda2bc6-FRA
cf-request-id
0797c9584000002bc676ab5000000001
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153520834-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4954
date
Tue, 12 Jan 2021 09:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 12 Jan 2021 11:19:32 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.financeiramente.online
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 06:27:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
360856
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Sat, 08 Jan 2022 06:27:50 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.financeiramente.online
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 21:30:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
393073
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Fri, 07 Jan 2022 21:30:53 GMT
fontawesome-webfont.woff2
www.financeiramente.online/wp-content/themes/herald/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/wp-content/themes/herald/assets/css/min.css?ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://www.financeiramente.online
Referer
https://www.financeiramente.online/wp-content/themes/herald/assets/css/min.css?ver=2.1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:07 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Nov 2019 19:29:08 GMT
server
cloudflare
etag
"12d68-59844e4d64900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=etUXrJhqn7hCAD3RjkkRoMEYa9egz7rBMzpthyigvTAe8M9JhF6VkYkioQ4foHu3zJkm8%2Fci%2BCwaQzH0XkTS3qBTsk7O%2B03EoXWVYnN5Yjc2IDvI7yFXjJNWTXyGMVTNjQoCIG39NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
610644d3acf52bc6-FRA
content-length
77160
cf-request-id
0797c9584600002bc68f8ef000000001
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.financeiramente.online
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 20:14:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
397679
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Fri, 07 Jan 2022 20:14:07 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.financeiramente.online
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=2.1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 06 Jan 2021 19:09:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
487976
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 06 Jan 2022 19:09:10 GMT
2246386705682003
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2246386705682003?v=2.9.32&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c30f6b07bdff730788606770e5c4d9ca6569e4fd222176244871f846330d9421
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70475
x-fb-rlafr
0
pragma
public
x-fb-debug
DMYJt6eamAFUYIg3Bjq3g/VUb1PHH06qeinSvqFUsRdAg7kpo6forhWFNrGT63YkeAStf/rX5ZzKjRHCKJ0c9A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 12 Jan 2021 10:42:06 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1352046857
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=206891291&t=pageview&_s=1&dl=https%3A%2F%2Fwww.financeiramente.online%2F&ul=en-us&de=UTF-8&dt=Financeiramente%20-%20%24%24%24%24&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=354056117&gjid=2137675979&cid=1282559499.1610448126&tid=UA-153520834-1&_gid=1301436955.1610448126&_r=1&gtm=2oubu0&z=491449013
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 10:42:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.financeiramente.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/ 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9cdc6393e9b4c9a23e7d7c94ae3b58562509dda50b4345793ad7c7e7aaa9212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86362
x-xss-protection
0
server
cafe
etag
10863011108655135941
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Jan 2021 10:42:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/ Frame 4E0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210107/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.financeiramente.online/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.financeiramente.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 12 Jan 2021 05:52:50 GMT
expires
Tue, 26 Jan 2021 05:52:50 GMT
content-type
text/html; charset=UTF-8
etag
10807049716293534881
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4578
x-xss-protection
0
age
17356
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2246386705682003&ev=PageView&dl=https%3A%2F%2Fwww.financeiramente.online%2F&rl=&if=false&ts=1610448126190&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610448126189.84712841&it=1610448126070&coo=false&rqm=GET
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 12 Jan 2021 10:42:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		212 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.financeiramente.online&callback=_gfp_s_&client=ca-pub-8458422285643765
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
a10230cd354adcf998c519b217693473da39ad19d089c0c3a1da04339292fbb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.financeiramente.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.financeiramente.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C487 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8458422285643765&output=html&adk=1812271804&adf=3025194257&lmt=1610448126&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.financeiramente.online%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610448126160&bpp=12&bdt=579&idt=83&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5800900854629&frm=20&pv=2&ga_vid=1282559499.1610448126&ga_sid=1610448126&ga_hid=206891291&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068946&oid=3&pvsid=1800185815704192&pem=15&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8458422285643765&output=html&adk=1812271804&adf=3025194257&lmt=1610448126&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.financeiramente.online%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610448126160&bpp=12&bdt=579&idt=83&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5800900854629&frm=20&pv=2&ga_vid=1282559499.1610448126&ga_sid=1610448126&ga_hid=206891291&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068946&oid=3&pvsid=1800185815704192&pem=15&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.financeiramente.online/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.financeiramente.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 12 Jan 2021 10:42:06 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 12-Jan-2021 10:57:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 12 Jan 2021 10:42:06 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1609936916402840"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Tue, 12 Jan 2021 10:42:06 GMT
admin-ajax.php
www.financeiramente.online/wp-admin/ 		75 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.financeiramente.online/wp-admin/admin-ajax.php?action=ajax-checkclicks&nonce=8f43951af0
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:a8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838bc620af0eabc3e6680a760320e4aa6aab6ed4ad87fbe621cb360d83acf014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.financeiramente.online/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
0797c959cb00002bc62fada000000001
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tRz%2Bk0Arur6hf4p2%2B0CkJ2tefUBDQSAjHmcLW854UNs2dgC35U44fAoUnr7%2FtTnSgC8Bhx5nIdPn6QSKfNDhNqpf8Jef4ebki7tWR6vNO4A2FzJCG154WgYhyaizqtWaUAftFFCCvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.financeiramente.online
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
610644d61ab32bc6-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1999 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOYsUUAAAAAB7gZqI7oERd09wkLJgyorLIuhlU&co=aHR0cHM6Ly93d3cuZmluYW5jZWlyYW1lbnRlLm9ubGluZTo0NDM.&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&cb=xtmkjr5taf1h
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QoGyVhj9Opehv9pJ/OpPuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdOYsUUAAAAAB7gZqI7oERd09wkLJgyorLIuhlU&co=aHR0cHM6Ly93d3cuZmluYW5jZWlyYW1lbnRlLm9ubGluZTo0NDM.&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&cb=xtmkjr5taf1h
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.financeiramente.online/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.financeiramente.online/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 12 Jan 2021 10:42:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-QoGyVhj9Opehv9pJ/OpPuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10055
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A8.7.1&blog=171373267&post=0&tz=-2&srv=www.financeiramente.online&host=www.financeiramente.online&ref=&fcp=839&rand=0.07734864823820042
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2246386705682003&ev=Microdata&dl=https%3A%2F%2Fwww.financeiramente.online%2F&rl=&if=false&ts=1610448126724&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Financeiramente%20-%20%24%24%24%24%22%2C%22meta%3Adescription%22%3A%22%24%24%24%24%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Financeiramente%20-%20%24%24%24%24%22%2C%22og%3Adescription%22%3A%22%24%24%24%24%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.financeiramente.online%2F%22%2C%22og%3Asite_name%22%3A%22Financeiramente%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.financeiramente.online%2F%23website%22%2C%22url%22%3A%22https%3A%2F%2Fwww.financeiramente.online%2F%22%2C%22name%22%3A%22Financeiramente%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.financeiramente.online%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Person%22%2C%22url%22%3A%22https%3A%2F%2Fwww.financeiramente.online%2F%22%2C%22sameAs%22%3A%5B%5D%2C%22%40id%22%3A%22%23person%22%2C%22name%22%3A%22BlogFinanceiramente%22%7D%5D&sw=1600&sh=1200&v=2.9.32&r=stable&ec=1&o=30&fbp=fb.1.1610448126189.84712841&it=1610448126070&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.financeiramente.online
URL: https://www.financeiramente.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 12 Jan 2021 10:42:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210107&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b13140d637c8917ab7c0c2d7555ad64a959609cb55de45d4b0b1951ad18125d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jan 2021 10:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6549
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Tue, 12 Jan 2021 10:42:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame DA32 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.financeiramente.online/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.financeiramente.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Tue, 12 Jan 2021 10:24:57 GMT
expires
Wed, 12 Jan 2022 10:24:57 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1030
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210107&jk=1800185815704192&bg=!ubqluprNAAXKjztBylhdNMAluNWUFgIAAABNUgAAAAxoAQcKAePlSApB_I_HneVo3XTu94ihgAwAMJ06krmAQqH64pwxQt40ZrRQ21TUwK_v2PF7uU3kNfh_BsPBqd3MXuVSHh0YPy8QvPcwQ5i0rpbmNI_i4Twjpnom0OYCkn_A8OUQVpAJGugZYzcF9ESgpnOPN3NcdTPiTe47XpKLZ4d0WcaaApc5vohFbjncl6aXdMIrmduixZqFt2TTlPyr5Bl2l8S-3PgwWurItmp4IaFdCLkKl88n-Jm04dURmgJJBQBZkWYLURzcFOtoSFkKksRoGmJzGUP1ycpCIOMD1bJP_FzoXruIl9FqnernXgNcML10QgfIY_DJV_wMJ62bjYJlBVK6RNCARpBYcJt1Oen1xVzWYp39PlaDo6T5fU2qroODvA-kRFFzE5zYgAIxPRly7eK3fI0gdi6R_OZwNkfh8Q2MZx_m8LWLG5U9VYd7xLh3sicVwj2_V10a2HN4ArFdD0_h6icU22LlquNDqsKWYMHli_Ia4YtpEILtwRhzHvQcbwHjq0pb25YwHzxzGZZ4tI6E4GtSidEByUS00bq7GRreAuC3zntfGCXlU2FZfvbwDq2au4ewwYt6DD_2QB39sRd26zEsZVlflUV_tbI4tm2MbpyGYomJg9dgTQMeX5HT2nfwluyZAcP1_H_TCw-AmzDVdFi0q5mmljGF4ELZy6EtkPn2w7UIwQ_EnJfqgI5wwm6dUFlAI-0OtFvRWU5ZyLrcaj9KCDR7wc6Tzj2D6cqU5x4JVfBBPiR4KmGFR0Lx3eAxYsgYIH3L3UJ8Rz0Y5CChRsUYBnZcOTf6kub2F43_v6cLgESvkgzZ7U1YvfrUuyqL9_DFS2k7tQyPkznxXuf6yfd92xV9hpsBMKvn4hjiD1aOnJHtUHAtjBIpU8s_EYEhkaLEt1LonCwqcRdAaPW4Znuy9PX6H9Xatm_q9l1TRPrq0DFiCv_9aKpVFk1AiLYcDcx_Wsw1rzrQU9S8e5eLkxeSokJII1GyoKFnIN3R_jmoYyjdPUkHv0Knfi7RpzzYAjdQWXsQk-bvkqmS_tBOYknzABIwkwJtrBbIbHB5GzExlzp_pI_9ztfmrj-3zCtNC1xvunx4ZO3iEL7EzjCzNqDMwqirWUoo0-L9t4uWRoDmBTUQ1MGeZiVPTMnYqIE-xG9JraUgMPSOnywy63IvQ9V4SugzOC-VHFy41CYMdP4QjNaCyujZRnW4O6UsZzhxaa-Y_0PxVivOv_7j_o1H54PW_i5FgKU1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.financeiramente.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 10:42:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| fbq function| _fbq object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery object| cfmonitor object| herald_js_settings object| gaplugins object| gaGlobal object| gaData object| recaptcha object| AMP object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| twemoji object| wp function| EventEmitter object| eventie function| imagesLoaded object| _stq string| frameID object| frameID_customClass object| jQuery11240591531627555477 object| closure_lm_318494 function| st_go function| linktracker_init object| wpcom object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.financeiramente.online/ Name: __gads
Value: ID=4997965a283ccd3c-22b2ea049ea600ec:T=1610448126:RT=1610448126:S=ALNI_MbXh0hZox1O6o0sCj04NTwPn7Ga3A
.financeiramente.online/ Name: _gat_gtag_UA_153520834_1
Value: 1
.financeiramente.online/ Name: _gid
Value: GA1.2.1301436955.1610448126
.financeiramente.online/ Name: _fbp
Value: fb.1.1610448126189.84712841
.financeiramente.online/ Name: _ga
Value: GA1.2.1282559499.1610448126
.financeiramente.online/ Name: __cfduid
Value: d8e5e5b2f252888eac40965a0f0a58f1e1610448125

5 Console Messages

Source Level URL
Text
console-api log URL: https://www.financeiramente.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://www.financeiramente.online/wp-content/plugins/cfmonitor/js/check_min.js?ver=5.4.4(Line 1)
Message:
.cfmonitor
console-api log URL: https://www.financeiramente.online/wp-content/plugins/cfmonitor/js/check_min.js?ver=5.4.4(Line 1)
Message:
.adsbygoogle
console-api log URL: https://www.financeiramente.online/wp-content/plugins/cfmonitor/js/check_min.js?ver=5.4.4(Line 1)
Message:
.cfmonitor
console-api log URL: https://www.financeiramente.online/wp-content/plugins/cfmonitor/js/check_min.js?ver=5.4.4(Line 1)
Message:
.adsbygoogle

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
cdn.sendwebpush.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
stats.wp.com
tpc.googlesyndication.com
www.facebook.com
www.financeiramente.online
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
192.0.76.3
216.58.212.130
2606:4700:20::ac43:478e
2606:4700:3035::681b:a8eb
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b13140d637c8917ab7c0c2d7555ad64a959609cb55de45d4b0b1951ad18125d
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a472c57f7dfdc21ad33654aab3633267329264ac57406da86b69696b5cd9140
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f528813092bc1c62393bc3f814bcda8057251f658dd8cd5e4254ed5d3ef45e4
22964d5d6b9a486c8773e1ea4e71b46a10ec461c76a1789aff1d4b544879c552
22ed3434d749e853f0ff8116209a7edb8387df525afed2ce8c05aeaa9b5af5a1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4540a801caf90e743647e6719dfb33b657642c2921a3a5bc5554e15b7fedf734
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
566d5b01c7919ba7bbab431732abe18feb85fb0ce4244024afc6889e5460b4f6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e501dc5bc5ffef634495288516458c424abd0091c3a9f1ec3d19e9df42d00a7
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7367011af9bb53fb9c0219224238b1e3407c675e1ec3884c2d734c20ed6d0863
7949c64b96087bc7561120b86ef37bab3bb869e433978a494813d09bf372be72
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
7d3ab1899804b1f546f94bb7901fd25de28c317e0b9577fffe41e481a84c4bb6
811d8c93110ff875be446b5900ac840ecec5dae95d07dd8569eb4098457b9fb2
81a35858ff08f28504956908d90221932be85dbaeb1b53209b7c4eca6a428c6d
838bc620af0eabc3e6680a760320e4aa6aab6ed4ad87fbe621cb360d83acf014
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a10230cd354adcf998c519b217693473da39ad19d089c0c3a1da04339292fbb4
a63de54822cde82134d8bbffc4a34c04efcb40c4605bb5a124032f56a651016a
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b9cdc6393e9b4c9a23e7d7c94ae3b58562509dda50b4345793ad7c7e7aaa9212
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bfd81d767cf94f0cb3f078a30a8136ba6fba011e0568ee9f8f0ba2a1785e037c
c30f6b07bdff730788606770e5c4d9ca6569e4fd222176244871f846330d9421
c908a287be5297337a4516cf899eca2023de83254ae4edbbcbc5a0fec68e4cfe
cf8b786e6d8defa3162cbcbb60165fccbd7af5dbbb89c98774b6683b5db37a15
e2c13ddba26c6b7e2049c433480881d615aa7d35cc37a8ba178923eaafa943b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e62c5e4f73e2790691b899a501ef20d9ba0f12f64d24c1fdc7d67705dea112e9
e9b1340ae6791dd21abb3d27b0f89be471ea1a81e7c92ce4ce1e404cdfa91810
ec93f45ed7baac2113d2b78a5d470047985933fe88a258ad47d715861c157901
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb