fr.usmoney.com.br Open in urlscan Pro
104.26.12.10 Public Scan

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fr.usmoney.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 17:54:06 GMT
x-content-type-options: nosniff
age: 485749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 17:54:06 GMT

GET
H3 200 template-3d0b43ca.mjs Show response
cdn.cloud.adseleto.com/plugins/ 231 B
259 B 28ms
28ms Script
application/javascript 34.36.196.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/plugins/template-3d0b43ca.mjs
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.196.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.196.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a6d52e194584784f55fb673838961fbf6767d1c091fd80a05b36aec1e2e341a9

Request headers

Referer: https://cdn.cloud.adseleto.com/plugins/faux-drift.min.js
Origin: https://fr.usmoney.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:47:36 GMT
age: 139
x-guploader-uploadid: AHxI1nOGDuXX8MBs_-xMSXsyNyGf7AIS-9uHIEwXLd-T1KPy6jOCPD0rQpemKeDGj_AViTmSv60
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231
last-modified: Mon, 22 Jul 2024 17:09:02 GMT
server: UploadServer
etag: "fc0494ab49febdd969117ee66289e4d4"
x-goog-generation: 1721668142570219
x-goog-hash: crc32c=/Z486Q==, md5=/ASUq0n+vdlpEX7mYonk1A==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=300
x-goog-stored-content-length: 231
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 42ms
41ms Font
font/woff2 142.250.80.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fr.usmoney.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 01:37:19 GMT
x-content-type-options: nosniff
age: 457956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 01:37:19 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 47ms
47ms Font
font/woff2 142.250.80.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fr.usmoney.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 01:44:28 GMT
x-content-type-options: nosniff
age: 457527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 01:44:28 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 150ms
53ms Fetch
text/plain 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HFFV7YSWXE&gtm=45Pe4880v9191751220za200&_p=1723538995401&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&gdid=dZTNiMT&cid=2017214637.1723538996&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723538995&sct=1&seg=0&dl=https%3A%2F%2Ffr.usmoney.com.br%2F&dt=fr.usmoney.com.br&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1074
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KV6JXG47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s71-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 08:49:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.usmoney.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
analytics.spun.com.br/site-stats/ 0
543 B 86ms
54ms XHR
text/html 172.67.140.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.spun.com.br/site-stats/

Requested by

Host: analytics.spun.com.br
URL: https://analytics.spun.com.br/stats.js?v=3.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.140.50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQvQDQBTy6aiMN88F

Response headers

date: Tue, 13 Aug 2024 08:49:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neEbI0MAyQ8rMGmGzMVZ3%2BeIYJtUJ%2FngHtXBOmKg%2FiCoFZQ7ZE%2FqwFbImzjyy5H3htLq0pcArmNM0ZOfEhGDrTqsVRaq%2B4FoU%2BDiYEBgFVUyByGESLWQjsIdoK6GLGdwkF3xJxfdj10%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cf-ray: 8b277463db9eabd6-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 200 / Show response
analytics.spun.com.br/site-pageview/ 5 B
511 B 98ms
66ms XHR
text/html 172.67.140.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.spun.com.br/site-pageview/

Requested by

Host: analytics.spun.com.br
URL: https://analytics.spun.com.br/stats.js?v=3.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.140.50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

8137cf1870430460999ec4cc7e954e08a00d126721af5d6954c4b8bba59e5754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryH9kYXj4WJrKvLFR7

Response headers

date: Tue, 13 Aug 2024 08:49:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6sIja86W%2BOMwr3f%2Bo9iy3vW6Irk%2FMCjXTSXcdNhTm5njx0tUe252FJ85pDlBOgIDv8QxkEEZtd0DRaljpimfVTOstnsQoLJDV1%2BFffi7KJgJy2SfUya8%2FQNq3Jh3WuS%2B1G1xVtWCYM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cf-ray: 8b277463dba0abd6-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 42ms
40ms Font
font/woff2 142.250.80.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fr.usmoney.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 00:03:00 GMT
x-content-type-options: nosniff
age: 463615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 00:03:00 GMT

GET
H2 200 juros-na-europa-jpg-1.jpg-300x200.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 18 KB
18 KB 354ms
348ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/juros-na-europa-jpg-1.jpg-300x200.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fb46c17241a8de5d8e870887f7cd075ab42641816515fc5db2eb8afd51b7b1b

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Jul 2024 22:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66a81703-4724"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCXEQCEzUV%2FSvHvNfdkDd9BxisDZTj%2FpPgUr9D9F0G4pFQduRlqg5UtHl0GRcQ1g2lPU5SptYhegamvxt4jAwRRVAZIiZX2UcRdBLCGyHHNM1oSUP7eBDBla2jNGUfPk0Vtp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463b8ceabee-YYZ
content-length: 18212

GET
H2 200 gettyimages-907280674-300x184.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 8 KB
8 KB 244ms
239ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/gettyimages-907280674-300x184.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3f6f4804e550621c2dd4a74d47850c451f3eb645738219511879e9f14e3e0d

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Jul 2024 22:20:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66a815ae-2078"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64V%2BbpQXrfsY5mkPv1vHiqGxdxItNI2rbqyBw1K%2BSvtedGP8bw8q07TV4tY42Us9fylCmqOTsFeq3csU595cWVUkCrF61VKI0OUZBpWkvz71Ksu1GQEsydSUaCeWx1NPBCHj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463b8cfabee-YYZ
content-length: 8312

GET
H2 200 educacao-financeira-nas-escolas-300x200.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 4 KB
5 KB 270ms
265ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/educacao-financeira-nas-escolas-300x200.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca3a51bd1b27969a167b679a67fb34a3e2086089cadd667731e09207cc7444e

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 18:41:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d5672-1194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IGTEvVKKiQnm8O30y5zNYzldgF1tgO6nBVSnQxRbhr%2FFXk4AV9qSCPuLWe1SRpFm8lEkzkSG0EOS9%2BsxQdnPMq04i%2F1lKcjpkmaLbVjgpTdomUJFuYOlue92crxSXBnBk0JF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463b8d0abee-YYZ
content-length: 4500

GET
H2 200 images-1.jpeg
fr.usmoney.com.br/wp-content/uploads/2024/07/ 10 KB
10 KB 238ms
234ms Image
image/jpeg 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/images-1.jpeg
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d3f279e84de6ebdd889dc4ecec907e88f86831552450e4e36398005df05922

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 17:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d486e-26e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36BQZLRvGBAOELnb%2F5r9S4m94aN%2BJ3RmWkrDyoLONxHeI2LVgM%2FgqlUkalVrjSlgaSOvpVzKitRNDntwZoyMKzIhUEudiZK5kIEMpfoL9FTeZDcZBov%2FPdbhsuiT0%2F6nvMtw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463b8d1abee-YYZ
content-length: 9959

GET
H2 200 investindo-em-startups-oportunidades-e-riscos-300x200.png
fr.usmoney.com.br/wp-content/uploads/2024/07/ 113 KB
113 KB 436ms
433ms Image
image/png 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/investindo-em-startups-oportunidades-e-riscos-300x200.png
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b3b71ccec909105938cfc9ebb177862efe474519852f45f675938ce9829f0e7

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 17:37:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d4771-1c33b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GO8K4II6KJyIn%2B4wmcUMIbyWm2i1jeDdCeJB%2FwYxjBDgclwUMGWwbg7gp3JOKqdNeY%2FJZZ8ReF1n6U19yW04yWFQJxlCmjlP%2BqrQJv9O7yVTMWizaSVlTqbMEhSmYAw4f8CG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463b8d2abee-YYZ
content-length: 115515

GET
H2 200 tendencia-mercado-imobiliario-300x158.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 9 KB
9 KB 270ms
268ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/tendencia-mercado-imobiliario-300x158.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb0d33b299c84d1dbfb9f7dba5bac30d0abe0869920dc7b8bcaaf2518c16e0cc

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 17:34:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d4695-238a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILa2Eqj5B%2F9twXybbOCVMhBqjZembLMRn7p6Srsoj42ivkqSpxMQPleIwFosVbTgLZzmXfXjWovvpVBA416OBVskOumpFfX0Lnn2GD7SXRlFQEbBD%2BxEOOT3l0HPWhR%2B1okb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463b8d3abee-YYZ
content-length: 9098

GET
H2 200 AXPSWWOAAVCM3AAX6M42GV7TOQ-300x169.jpg
fr.usmoney.com.br/wp-content/uploads/2024/07/ 7 KB
7 KB 277ms
274ms Image
image/jpeg 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/AXPSWWOAAVCM3AAX6M42GV7TOQ-300x169.jpg
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 121442e15194ecb096f064d1c0093f63148d11969b479850963e9087803064a4

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 17:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d4480-1a47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mTE4PRMjWZCnDlCIk2z5FWSbvB4rN5lrMo6DBpACDn5RorcBunElcAW%2Bc95XOTB863VyIzUnrm0Tt25vQ%2FpynBcDfBwMl5eovxRfwquKxBBKEtLwcdUHvWyzWva4zUPi2XnA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463b8d4abee-YYZ
content-length: 6727

GET
H2 200 Finance-pana-1-1.png
fr.usmoney.com.br/wp-content/uploads/2024/02/ 213 KB
214 KB 359ms
357ms Image
image/png 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/02/Finance-pana-1-1.png
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4fa41205796c35e4e0ff969ded11e77dde10b808014acf70c6e450a8a156d8

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 18:25:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d79199-3553d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eh98XcXExyQUlw4R7AX3mOg7OxClXMd8tkCzPweRkGG2lKLNKgt0X%2Bli5kSHZpQF5cdn5S4Pr077umbGPdnZjw%2BnlQJGWXx0UDn%2FxVnA4guawU9F%2Be3A3cUGmpyemqx%2FuUFo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463e8e1abee-YYZ
content-length: 218429

GET
H2 200 crise-economica.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 10 KB
10 KB 233ms
231ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/crise-economica.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a3b35e63380318eb8d473f46f0d8fbf3095e76ae0900ed76fe3ef3865fd186

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Jul 2024 22:32:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66a81874-275c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pr90nCGjnKqk%2B5UvAz2WcX8Wj6T7umkfZLd4dkeAV6j3rsYJ1lVaKCFY5d7iesod7pX1bN6fwgrjpRR1vHiEzynOeDQouC1FeqqcegRlSyAcNJLq8nCBkFLVfnXV40WZ%2B%2BQp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463e8e2abee-YYZ
content-length: 10076

GET
H2 200 juros-na-europa-jpg-1.jpg.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 111 KB
112 KB 428ms
427ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/juros-na-europa-jpg-1.jpg.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89cec42640070d9f4ec5c7351ad01e0d500ab876233ad0ccd16bbba79e9c0fd5

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Jul 2024 22:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66a81703-1bc76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RojucLrROMOgMA7jKCqWHTYn0ZU0N%2BoUxzBOTgofW6ZoUkVNL7mZC1D%2B9LculgXgyq2GpPqvkRkZiF%2BT3DMYTa1ZB8mATz%2BE%2FUsufP7yQnsDdJPRI8mXC8sedtcygC3O%2BKm7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463e8e3abee-YYZ
content-length: 113782

GET
H2 200 gettyimages-907280674.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 40 KB
41 KB 357ms
355ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/gettyimages-907280674.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daff9aef1632fc3a660a89bd1f26042c876feef3aaf324a95f43516ba0f1b977

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Jul 2024 22:20:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66a815ae-a1ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qOACc8eQqGEvdNwAaonjNGqnD8eV8DhRMxy1Lp7G0nxI9X%2BEZGSSOMnO26xESq%2FLYa5jXNVkBvNqUBa14yTYvltCv0hZoILvhAni07WMbvgpf0geIi%2FTr3XbOGm2SYC%2FWyxe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463e8e4abee-YYZ
content-length: 41422

GET
H2 200 educacao-financeira-nas-escolas.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 25 KB
25 KB 345ms
344ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/educacao-financeira-nas-escolas.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 740fdb645e3d5ff4e8c146c2d1889b99d50f10477f13086cbd92b37dc63f2a79

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 18:41:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d5672-63ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCxI1s8dAsTSDG1d5l%2BZh8Bd1%2FmmWSep9oGchRpj0OJMpn5l99xzwqyOTZVGRbQjiV4vZxxB6vPs%2BCWQasfb32Y1NYnr36wNHzPHWjKVyzfmx4%2F3ciFebCT6K6VWyIZiPl9m"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463e8e5abee-YYZ
content-length: 25518

GET
H2 200 investindo-em-startups-oportunidades-e-riscos.png
fr.usmoney.com.br/wp-content/uploads/2024/07/ 999 KB
1000 KB 368ms
367ms Image
image/png 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/investindo-em-startups-oportunidades-e-riscos.png
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83811afdb34b3cf602da306139ddcf97bf3612ba58de3aaace3cf2a903715e54

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 17:37:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d4771-f9bbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mRlSMhjfOWLin2ArbE8h%2BhmdnVY1zPP3e9zYbexSF1tOyWFonVZoflpjSY5eDVeA57136OrVGzpN4TxjHLPx4GUcdp70deqfA2T0iUOJSkd4sqP7atQDKXzqME8N0d3OD9tM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463e8e6abee-YYZ
content-length: 1022911

GET
H2 200 tendencia-mercado-imobiliario.webp
fr.usmoney.com.br/wp-content/uploads/2024/07/ 75 KB
75 KB 414ms
413ms Image
image/webp 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/tendencia-mercado-imobiliario.webp
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb15992340d777069f156dc3b1f4e22a6fba96a1980498a4b909d952e41c1b85

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 17:34:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d4695-12b6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3LTtKLx7i3HgEpOqzMDPAtyIEk0%2FmU4ubJVFGMPBTUnPpLZ8iazrpq%2FwTkHN82NGd1lhIsNQq2a7rzqYTvc9TDCGmolLqqqTh6cYIyozfOtL1grYYcVlkkG9RhinOxUOanA0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463e8e8abee-YYZ
content-length: 76650

GET
H2 200 AXPSWWOAAVCM3AAX6M42GV7TOQ.jpg
fr.usmoney.com.br/wp-content/uploads/2024/07/ 182 KB
182 KB 358ms
358ms Image
image/jpeg 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/07/AXPSWWOAAVCM3AAX6M42GV7TOQ.jpg
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab0c1988d0127788a5620971a483599c76956aa155e23c914f926337ec7deb9

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jul 2024 17:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "669d4480-2d790"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JoVZ2oPwcKNcY28I2qO9sDERKsXHC0Xz98B%2Ff%2F96s4g0TPGlg12nZMa%2FYVvIwkB2YsEE06p8dOF9QeUDMnb5kkM0DyUei%2F6YmLodMkQa9000LA4LOLq9F9sSBsfPRCFAUJkR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b277463e8e9abee-YYZ
content-length: 186256

OPTIONS
H2 204 auto-custom-targets
pmd-api.cloud.adseleto.com/tasks/ Frame 0
0 336ms
194ms Preflight
text/html 142.251.40.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmd-api.cloud.adseleto.com/tasks/auto-custom-targets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.179 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f19.1e100.net
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fr.usmoney.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 08:49:56 GMT
server: Google Frontend
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-cloud-trace-context: 53e9dc5008485367149fb0be1da2522c

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
32 KB 149ms
68ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/adseleto-wrapper.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

813608321e0afc0daa9082dba1cdb1082a383c1bd0afc5cfba4f447b36647ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32768
x-xss-protection: 0
server: cafe
etag: 511 / 19948 / m202408080101 / config-hash: 18247284714178787425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 08:49:55 GMT

GET
H3 200 trace Show response
one.one.one.one/cdn-cgi/ 309 B
409 B 72ms
29ms Fetch
text/plain 1.1.1.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one.one.one.one/cdn-cgi/trace

Requested by

Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/adseleto-wrapper.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

1.1.1.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

one.one.one.one

Software

cloudflare /

Resource Hash

b8c299208ce8335309e217037011705665d68c1e8c78cf469e1a3352480974af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8b2774647fe8b40b-YYZ
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 auto-custom-targets Show response
pmd-api.cloud.adseleto.com/tasks/ 30 B
1 KB 224ms
223ms Fetch
application/json 142.251.40.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmd-api.cloud.adseleto.com/tasks/auto-custom-targets
Requested by: Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/plugins/auto-custom-targets.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.179 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: d5551a37caf90a0ec1923fd49be06354d053f1ed52f084ab97bb4f729d2793e8

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a4903fed13f2a1453a1af88cf145ee3e
cache-control: no-cache, private
content-length: 54
expires: Tue, 13 Aug 2024 08:49:56 GMT

GET
H2 200 wp-emoji-release.min.js Show response
fr.usmoney.com.br/wp-includes/js/ 18 KB
5 KB 267ms
266ms Script
application/javascript 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.usmoney.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 22:33:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660c87cd-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZTIjVbig3eJdIWXb7E6G%2FH%2Fks3A%2FFKT78SnlcL8%2FTS9Su%2Bs%2FWX6HeIsBVEd2t9jTP%2B%2FcTvogh8JzPfIV5WpPEFu8m1B5iUm9OV8DVrjedJhMndUyS0u%2BV7GNOExgEeGdqpI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8b2774643908abee-YYZ

GET
H2 200 nav-menu.e65811186e94a386ba7b.bundle.min.js Show response
fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 265ms
264ms Script
application/javascript 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/nav-menu.e65811186e94a386ba7b.bundle.min.js
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.23.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1a980a98196dd14f3468c177564e0c14013c5a9d1ce141ef293611205e2ace

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 19:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669abe17-12db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOi10o62eGW%2Bx8IOBOFhzIZcf42eTxDHaHef94WP1MF9hDT6dtSpqh6JYnFV4ef9qaPZ8mwNpstTIoNVzDYZvQSw3EIf7G9BGnGHkbTc8OfXQrN7781Jcgg5Y5NP5MUxLAue"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8b2774645917abee-YYZ

GET
H2 200 search-form.a25a87283d08dad12f18.bundle.min.js Show response
fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/ 2 KB
1 KB 231ms
230ms Script
application/javascript 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/search-form.a25a87283d08dad12f18.bundle.min.js
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.23.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e6a663d97948dc1412c5495791305535de08eabea0878f25279dfc65750bcc4

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 19:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669abe17-84c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pwUSbYuTT8ZlrbLI%2BMenDiThUnfyTNUSkGZNZarbvy%2FWFI6vwJeZHt8U5IeyoH7hDhe3%2BDKLZNvykvTdW%2F4WTQZQlpOySfShCzFl7whAT6ahtySd%2FnHytuI%2FNHpJxMXQAkvT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8b2774646919abee-YYZ

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
fr.usmoney.com.br/wp-content/plugins/elementor/assets/js/ 1 KB
987 B 238ms
238ms Script
application/javascript 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.usmoney.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.23.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f79a94450d546063e15455a95edcccb7658681083cea08e7328bc8c9613cb9c6

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 19:27:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669abe14-550"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkLMCU%2FHbEWrBhE%2Bqx6XqDPTVXeTm%2FXIfGNkoLsHdb5Tez%2Bd9068urUoqQWaWNjwui5MoJFyIGk2PDyx%2Fl6vqD9OdXo1T6Wmdk%2BLP02g4mMu7A3SeOi7XlN4b0xxtGg%2FSdlv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8b277464691babee-YYZ

GET
H2 200 animated-headline.3efc6517c2a055f6c242.bundle.min.js Show response
fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/ 8 KB
3 KB 273ms
273ms Script
application/javascript 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/animated-headline.3efc6517c2a055f6c242.bundle.min.js
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.23.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66754c5da77539ac49227964e9a516c3be6d405023a14ad46c83a14cabe0a9ba

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 19:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669abe17-1eb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MP7fIM3Io5105bJFuQ18V%2FGbiixfNYqj00NQDkQ0hYPnp7U1mmDRyXZ3c2IRS%2BVWGtXCo453CpEKQJpajBXlsX2qqYlfzJKI07fdad3u1SVQekeuCeB6jH3aVjLsWhsf2Aly"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8b277464691dabee-YYZ

GET
H2 200 gallery.8ca9a354ce039d1ba641.bundle.min.js Show response
fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/ 6 KB
2 KB 261ms
261ms Script
application/javascript 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/gallery.8ca9a354ce039d1ba641.bundle.min.js
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.23.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 175ffd38a61631ac7fe5b4b5d732bd6448e89c4e6c42db60fca1ad1c108a1c4f

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 19:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669abe17-16dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8yF%2FsT%2Fo9m%2FypQ29ArqdN%2BPzV4Ik16D1QBwpjQ2boZdKu2eMPy%2FbMUSKJGp0pn7Xl7plBXvsOX%2F4kw3TPLMpAF3Rw7DwShn6%2FoH0wwGvx7zAbM0cb2bkjn5Ms%2FeibHLOICn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8b2774646920abee-YYZ

GET
H2 200 load-more.bc9573b5d1f73abd80b9.bundle.min.js Show response
fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 274ms
274ms Script
application/javascript 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/load-more.bc9573b5d1f73abd80b9.bundle.min.js
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.23.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad52b1fa425e2f1d2cf888022009f212367dae3c04917b9c53bd3bbe1ea2cd02

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 19:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669abe17-147f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nazyKzHpL%2B6Z1ZFcPIW9YBz%2F%2BURUP0aUbq6gl1DtBPfHHKe%2BZ2j7Wyrlwa2ma4lk27%2BnFjHZYJvFjrOoF%2FCWHvnwhyej0Vgi3agaNKujI8ISIRzESXjQfXzGjTiKZYZOQITf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8b2774646922abee-YYZ

GET
H2 200 posts.caaf3e27e57db8207afc.bundle.min.js Show response
fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/ 3 KB
2 KB 236ms
235ms Script
application/javascript 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/posts.caaf3e27e57db8207afc.bundle.min.js
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.23.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b4b6f10eeb5f985b96b886f3df88c8216ff0a88975e774d69264e213a7fd04

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 19:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669abe17-cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPKwIR9M1%2B2HBNAYIX7gjLcrfXyyCivkN%2FCfzS6oHiWmMqwm7fmvdneNBE39QeC9gbS%2BbGNv%2BfBOtRwQxp1w9lYFk6QfOxfdXEDiwzugN6hPg7YJaAhjMztuusB2O9lFSwy4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8b2774646924abee-YYZ

GET
H3 200 as_usmoney.json Show response
cdn.cloud.adseleto.com/pr/ 62 KB
62 KB 30ms
30ms Fetch
application/json 34.36.196.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/pr/as_usmoney.json
Requested by: Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/adseleto-wrapper.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.196.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.196.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b6c88bcda8ee49e5c2aec2ccada0dd7811eb45ce7b93a9ff0cd2e27ed736b79a

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:42:09 GMT
age: 466
x-guploader-uploadid: AHxI1nPQ_je2q6_dxaNS05T2oD4RSwh78QzTgLf_a7gKF927mz8_ASC6-oM-x3v9PN74KIAdlCbe9zkAGQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63507
last-modified: Tue, 13 Aug 2024 07:34:57 GMT
server: UploadServer
etag: "89e41875a0f44a5eb8e269280c8568ed"
x-goog-generation: 1723534497034027
x-goog-hash: crc32c=RrLaGw==, md5=ieQYdaD0Sl644mkoDIVo7Q==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=300
x-goog-stored-content-length: 63507
accept-ranges: bytes
content-type: application/json

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 474 KB
148 KB 42ms
41ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 768
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151130
x-xss-protection: 0
server: cafe
etag: 11205447520193479331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 13 Aug 2025 08:37:08 GMT

GET
H2 200 Post-cuate-1-1024x1024.png
fr.usmoney.com.br/wp-content/uploads/2024/02/ 197 KB
197 KB 414ms
412ms Image
image/png 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/02/Post-cuate-1-1024x1024.png
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7112743bb4cd24045070c29a7426e2667b828a85b3ca4a14a549ae2dc2e095e

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 18:25:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d791a9-31293"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1dt2dxtaauMW5GsNj6o%2B2j3HPaV4zIDwmeDHLjD%2BqR6fpAeGkwicVhGW%2BHtbEILTPq%2BJ8OR4X0p6KJbqejb1Z8zqutqBIwMT%2FcAZM4BSOo21iL6iX%2FEM1YuVjuiD2ksA3S%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b27746639b1abee-YYZ
content-length: 201363

GET
H2 200 Feed-cuate-2-1024x1024.png
fr.usmoney.com.br/wp-content/uploads/2024/02/ 267 KB
267 KB 415ms
413ms Image
image/png 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/02/Feed-cuate-2-1024x1024.png
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ef7d00808956923278886a17619b8dc598e67ae933407d5053f2f98428400a4

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 18:25:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d791ac-42a52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dF1Pv6zKw3vt%2Be5K5MoDZkGMq%2B%2Fe9oyRYL8BSxywehnf1auUJjOB0awfdR4q6ssCHQKWfALhkhkkD%2F6O1bFnRbeMh36GHZkbjnudp7DYzvPg6ZksivAicbqQeSYbYOV8kN4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b27746639b2abee-YYZ
content-length: 272978

GET
H2 200 Social-biography-cuate-2-1024x1024.png
fr.usmoney.com.br/wp-content/uploads/2024/02/ 193 KB
194 KB 356ms
355ms Image
image/png 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/02/Social-biography-cuate-2-1024x1024.png
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac58f59b59426c4f98d0ddea5a361fd7af2792b19c9dfad66ef54556e33d3a7

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 18:25:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d791ae-30599"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vAmGHJ0unLEADyIIJ%2BVlLHe9zuH7M0JrbdauO2Zl4KDlL02O2Ici%2BL1t09gzHr0Nt2MCZKBiZ0rBk%2FKvthHATXG2cIXTXm0TRmw62ZhBga%2BE7zhH2kVE5ZUu%2FtZZuKhHeqPs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b27746639b3abee-YYZ
content-length: 198041

GET
H2 200 Following-pana-1-1024x1024.png
fr.usmoney.com.br/wp-content/uploads/2024/02/ 183 KB
183 KB 372ms
371ms Image
image/png 104.26.12.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.usmoney.com.br/wp-content/uploads/2024/02/Following-pana-1-1024x1024.png
Requested by: Host: fr.usmoney.com.br
URL: https://fr.usmoney.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624720efcc5387bf50b2b793566b3f020598d4b367c34b42f265671af901820

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 18:25:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d791b0-2dbc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXUWhenhufS%2Bz41AqUvrHWmd8WHsDNbAWXw95xvnHUWbXzOqGTgb4RIkNTbgx7MdJrq7M7%2By%2FpL7OsnwG4F0mjS4NiFire9djH9W5hOfcj6N7oE8G4k9qUZs3TR4WK%2FTgujl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b27746639b4abee-YYZ
content-length: 187330

GET
H2 200 22899417929 Show response
fundingchoicesmessages.google.com/i/ 203 KB
67 KB 194ms
86ms Script
application/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22899417929?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79ff83d7998721d215c1af66fa98a3c460d9f75d4b2713f129df5373fbc5255c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lAGGGp3GP3ec1VkFdC347A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lAGGGp3GP3ec1VkFdC347A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1JBiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYiT_p1nLQFid62LrP5AvCTiIuuRxIushgqXWJ2BeHr9Jdb5QLz34yXWo0DsyHGZ1ROIhXg4tux5s5VNYMPEI9sYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLAwN9QzM4wsMANDKRRI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUGX5JJmY_7wNyhyPv24Mm1IGQN2Qd5JnEWtsSDe7GBRon1WsZTYYiJTP4SYYG6qApXz_80njkYSZ8-0oUrg9RTzazwJuN5dcSDNt6b69S-MCwUlurRRd3Bpn69YRFz8FZmA-ctzw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 76ms
75ms Script
application/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUGX5JJmY_7wNyhyPv24Mm1IGQN2Qd5JnEWtsSDe7GBRon1WsZTYYiJTP4SYYG6qApXz_80njkYSZ8-0oUrg9RTzazwJuN5dcSDNt6b69S-MCwUlurRRd3Bpn69YRFz8FZmA-ctzw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTM4OTk2LDU0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mci51c21vbmV5LmNvbS5ici8iLG51bGwsW1s4LCJva2xWWk4zaEh3OCJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODhdLG51bGwsMTddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

829a0bcc90608e15c2930c6d80702de3609d398572d780b190c8fb0b75e7bfb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z5d2legnLkyQVWIazDujiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-z5d2legnLkyQVWIazDujiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDi27HmzlU1gRuOUOUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgYWhoZ6BubxBQYAnVg_mw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6CCE 0
0 114ms
40ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29247
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 08:46:59 GMT
expires: Tue, 13 Aug 2024 09:36:59 GMT
last-modified: Mon, 12 Aug 2024 19:45:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 219ms
154ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
via: 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: e090c05e60e1ee697e571b419f14e99b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 94ms
29ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 04:14:45 GMT
content-encoding: gzip
age: 2003711
x-guploader-uploadid: ACJd0NpxoZqibvOLarCa-3RDQVNWjc2YwH8w3Dl7HQZIUwWR-pP_YHtmzQydG8Xrrc_ny2dUziooUcksUw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 21 Jul 2025 04:14:45 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 176ms
80ms Script
text/javascript 74.119.117.4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Jul 2024 14:14:53 GMT
server: nginx
etag: W/"668fe8dd-a6cc"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 08:49:56 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 94ms
27ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 08:49:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 30234
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4574-YYZ
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 95 KB
28 KB 112ms
37ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7025cecb41913f88ba75bff87fae88028e1ee78cf4a375091c217f3e3950ea8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:15:00 GMT
server: cloudflare
x-amz-request-id: GD8PVWXBVTVEQ10V
age: 184
etag: W/"3d8396f35fd4c6387c69fe6503afbacd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8b2774691ee3aca2-YYZ
x-amz-id-2: T/uBTw0ZavJRPCyP9XpVuQoA8DbzBlXXU/POaHVzmMx5PlW5Z7kEalqt/vGvJKq2HUEdh8Iw2qQ=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 42 KB
13 KB 159ms
46ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f58252a635fcb2b8160e9303570bf732faa3ab57aed8a3926845137b395c6ad

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 15:55:08 GMT
content-encoding: gzip
via: 1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront)
last-modified: Mon, 12 Aug 2024 15:12:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 60889
etag: W/"7c09ab4a53c38ce23b3a1495a5b2987e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: gUJKQXMs-I0MJdWkV_YF9zPSeoBNqv5Skimb3Zsx5I2owUhjYuLTpA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 169ms
42ms Script
text/javascript 18.164.108.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.108.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-108-156.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
Date: Tue, 13 Aug 2024 08:00:01 GMT
Via: 1.1 86a640712a72b4264f1681744fa48612.cloudfront.net (CloudFront)
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
Age: 2996
x-amz-server-side-encryption: AES256
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3181
X-Amz-Cf-Id: ez7kg5dSEwk3u-bpu67-HWpGLEMjVBCgTbQ9Rzk6QwhrG3HYfSgbfQ==

GET
H3 200 AGSKWxV7SFCgCZNR74WlS1B5IT3bU9vRkYPTvCKDdJcpqEl5ZONhHSBJWngOszA9v_PTHY9Ki2I-MgHqX7DBBt4etS_36CEEMKmTllMrAMN8pNLL26QyBbqH07U4yPs7fveB2oKlK9pBaA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 82ms
81ms Script
application/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV7SFCgCZNR74WlS1B5IT3bU9vRkYPTvCKDdJcpqEl5ZONhHSBJWngOszA9v_PTHY9Ki2I-MgHqX7DBBt4etS_36CEEMKmTllMrAMN8pNLL26QyBbqH07U4yPs7fveB2oKlK9pBaA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTM4OTk2LDYzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImZyIl0sImh0dHBzOi8vZnIudXNtb25leS5jb20uYnIvIixudWxsLFtbOCwib2tsVlpOM2hIdzgiXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTg4XSxudWxsLDE3XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

ESF /

Resource Hash

1d3a22a195b103eb852eca8b74d87ab5c101ddfceec982cad90464c396a2b796

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GXyh0-mzIE1BrpQaarlqQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-GXyh0-mzIE1BrpQaarlqQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDi27HmzlU3gxP5vx5iUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDA31DMzjCwwAwdJAiA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 402ms
126ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fr.usmoney.com.br
date: Tue, 13 Aug 2024 08:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
534 B 169ms
56ms XHR
application/json 44.195.112.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.112.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-112-63.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e209a48e0ac822ebfbe5045b426f6b18d93362dc53f4b360319e839ec98bf1e1

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 08:49:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://fr.usmoney.com.br
cache-control: no-cache
x-server: 10.40.13.42
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 152ms
70ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

02ffa40d0a470b5805d2b6d44fd2ec29f0cc565d99c915f16d63ea5adae91c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12917
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 181 KB
52 KB 528ms
528ms Fetch
text/plain 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2151803970022625&correlator=3936285709095316&eid=31086034%2C31084180%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&iu_parts=22899417929%2Cas_usmoney_desk_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1723538996806&lmt=1723403442&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffr.usmoney.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=1&tps=1&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQY0_q315QySABSAghkEhkKCnB1YmNpZC5vcmcYt_u315QySABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNP6t9eUMkgAUgIIZBIXCghydGJob3VzZRi0_LfXlDJIAFICCGoSFAoFb3BlbngYvPu315QySABSAghvEhkKCnVpZGFwaS5jb20Y0_q315QySABSAghkEhsKDGlkNS1zeW5jLmNvbRjT-rfXlDJIAFICCGQ.&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723538995079&idt=1104&cust_params=utm_source%3Ddirect&adks=510304096&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c65549001161e4b230a25c5ba1edf87cc6ac9e3edc0a05470a525ac3b6f9bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53311
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fr.usmoney.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d4d53b56b3220688bef4c289d94bd439.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C1AB 0
0 170ms
56ms Document
text/html 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4d53b56b3220688bef4c289d94bd439.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 08:49:56 GMT
expires: Tue, 13 Aug 2024 08:49:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 47 KB
15 KB 40ms
38ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f305118801de2798f8e14b8def6d4aa0ff995d64bc9dcd9be23875a911f116a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 13:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70955
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15257
x-xss-protection: 0
server: cafe
etag: 1018160799289647263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Aug 2025 13:07:21 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 153ms
58ms Script
text/javascript 142.251.41.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.1 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 08:49:57 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 97A9 0
0 126ms
40ms Document
text/html 142.251.41.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.1 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 08:30:07 GMT
expires: Wed, 13 Aug 2025 08:30:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 34EB 0
0 149ms
62ms Document
text/html 142.251.41.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i9w6cnfqR9DNYLmWDMk92w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fr.usmoney.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-i9w6cnfqR9DNYLmWDMk92w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 08:49:57 GMT
expires: Tue, 13 Aug 2024 08:49:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 slider.ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxWxukas0d2MGeXFQEbY_x2Op06pKrJAuD8ORWZRUVQd88pIvll2trPJTmc8ny19_jQalPL7VRDYU0oTMFRB0LuZcMAuEaluHJ_SMvogK8tuNNs0oDi4q_HunmrpufI6PP-LK7U3WAkHdVsRQ8y7ApnDHAFz9... 54 B
109 B 66ms
66ms Script
application/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWxukas0d2MGeXFQEbY_x2Op06pKrJAuD8ORWZRUVQd88pIvll2trPJTmc8ny19_jQalPL7VRDYU0oTMFRB0LuZcMAuEaluHJ_SMvogK8tuNNs0oDi4q_HunmrpufI6PP-LK7U3WAkHdVsRQ8y7ApnDHAFz9aqc81rqGSoFBXbUxDOQddQxEM-FfE5u/_/customadsense./adv3./adfrequencycapping.-doubleclick.min.js/slider.ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwTJCMyPpV8x_ZJHxcAT7ZwTpuf-Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83adf916cc6a6385ea935f1dd0c17062a529e1cdf8c847b821310c77e22c0541

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aWfvujq2nS5VgNtbyd3K5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-aWfvujq2nS5VgNtbyd3K5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDi27nmzlU1gwpQZmxmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDA31DMzjCwwApJg_wg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 59 KB
22 KB 120ms
40ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

7e57f023475e085ccb55cbb1c37501115fd0e746b60d30eedd1dea100bdb9586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22046
x-xss-protection: 0
server: cafe
etag: 1319350126586531441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 09:33:16 GMT

POST
H3 204 AGSKWxUtulu1BA6omrjZ6W5XqV03NCKcBADHJEv3iynGUM12Iy50rTZwff72aKywef2zRlPl8kcZVaQDncyi8Rw3QNnnLl7EKKoJs4_QdVZY81kW3bT0CCcOve1CqquuhgBA7iPjCjAASg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 149ms
64ms XHR
text/html 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUtulu1BA6omrjZ6W5XqV03NCKcBADHJEv3iynGUM12Iy50rTZwff72aKywef2zRlPl8kcZVaQDncyi8Rw3QNnnLl7EKKoJs4_QdVZY81kW3bT0CCcOve1CqquuhgBA7iPjCjAASg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TXisqZPyiXd7td4jqesyww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 08:49:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TXisqZPyiXd7td4jqesyww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw15BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY-ueN1vZBDasP3GbUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGFgYGuoZmMcXGAAAtIY00Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fr.usmoney.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d4d53b56b3220688bef4c289d94bd439.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 867D 0
0 1ms
1ms Document
text/html 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4d53b56b3220688bef4c289d94bd439.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 08:49:56 GMT
expires: Tue, 13 Aug 2024 08:49:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUtulu1BA6omrjZ6W5XqV03NCKcBADHJEv3iynGUM12Iy50rTZwff72aKywef2zRlPl8kcZVaQDncyi8Rw3QNnnLl7EKKoJs4_QdVZY81kW3bT0CCcOve1CqquuhgBA7iPjCjAASg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k2lRvpod2rs-KzBQ9dfM7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 08:49:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-k2lRvpod2rs-KzBQ9dfM7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY-ueN1vZBH6sn_mUScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGFgYGuoZmMcXGAAAwW40-Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fr.usmoney.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUtulu1BA6omrjZ6W5XqV03NCKcBADHJEv3iynGUM12Iy50rTZwff72aKywef2zRlPl8kcZVaQDncyi8Rw3QNnnLl7EKKoJs4_QdVZY81kW3bT0CCcOve1CqquuhgBA7iPjCjAASg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XilPND5fGir5a8SsZUtUxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 08:49:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-XilPND5fGir5a8SsZUtUxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY-ueN1vZBA70T5rErOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDCwMDfUMzOMLDACJZjQ-"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fr.usmoney.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUtulu1BA6omrjZ6W5XqV03NCKcBADHJEv3iynGUM12Iy50rTZwff72aKywef2zRlPl8kcZVaQDncyi8Rw3QNnnLl7EKKoJs4_QdVZY81kW3bT0CCcOve1CqquuhgBA7iPjCjAASg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GHuPEhbZzzLddKCAsJwUgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 08:49:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-GHuPEhbZzzLddKCAsJwUgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw0gDi9BmsIUDsrnWR1R-Il0RcZD2SeJF1ev0l1vlAvPfjJdajQOzIcZnVE4iFeDi27nmzlU1gwprnE5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhaGhnoF5fIEBAJetNHc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fr.usmoney.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWju-D0wuAT6vux8t9Tc76Ctl0cblP1NnVYSvy1iQblOFflYrg_Zt03FYV-lsspXDoitJ5GABgZu92tjU6V7H4PWFfujphbrrM49LpWEXiHbTW8EkYAi6UJasNjxQlNT5QUcb1Dkw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 91ms
88ms Script
application/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWju-D0wuAT6vux8t9Tc76Ctl0cblP1NnVYSvy1iQblOFflYrg_Zt03FYV-lsspXDoitJ5GABgZu92tjU6V7H4PWFfujphbrrM49LpWEXiHbTW8EkYAi6UJasNjxQlNT5QUcb1Dkw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTM4OTk3LDcxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZnIiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9mci51c21vbmV5LmNvbS5ici8iLG51bGwsW1s4LCJva2xWWk4zaEh3OCJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODhdLG51bGwsMTddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21a3b4932663937e892299eb2f04f668e78983b525d408ee8089923f719085f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-954jfVZ_94sRuUgyvdM2hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fr.usmoney.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 08:49:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-954jfVZ_94sRuUgyvdM2hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDi27nmzlU1gw7Mdn5mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDA31DMzjCwwAxbtAjg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWwSm8Ud25yTWXNcvEALqZV7NAr02zcm9WC3tSXAFYNZI5foRoES6D_sJND8Bfj97t9aLZbYoq0_1w8vmXTimX2k6gppbOSRqtLtvUlYpFBe4mhIWAT6T6Jysy_Tup6SVlEs30rMg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 66ms
64ms XHR
text/html 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwSm8Ud25yTWXNcvEALqZV7NAr02zcm9WC3tSXAFYNZI5foRoES6D_sJND8Bfj97t9aLZbYoq0_1w8vmXTimX2k6gppbOSRqtLtvUlYpFBe4mhIWAT6T6Jysy_Tup6SVlEs30rMg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS