vocedinheiro.com Open in urlscan Pro
149.56.180.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vocedinheiro.com/
Submission: On August 10 via automatic, source certstream-suspicious (August 10th 2021, 1:49:11 am UTC)

Summary HTTP 45 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 45 HTTP transactions. The main IP is 149.56.180.102, located in Montreal, Canada and belongs to OVH, FR. The main domain is vocedinheiro.com.
TLS certificate: Issued by R3 on July 4th 2021. Valid for: 3 months.

This is the only time vocedinheiro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	149.56.180.102 149.56.180.102	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
45	15

19 149.56.180.102 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip102.ip-149-56-180.net

vocedinheiro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2viacontas.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	2viacontas.com.br 2viacontas.com.br	136 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	175 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagmanager.com www.googletagmanager.com	120 KB
2	google.com adservice.google.com www.google.com	1 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	661 B
1	vocedinheiro.com vocedinheiro.com	10 KB
45	10

	Domain	Requested by
18	2viacontas.com.br	vocedinheiro.com 2viacontas.com.br
5	pagead2.googlesyndication.com	vocedinheiro.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	vocedinheiro.com www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vocedinheiro.com
45	12

This site contains links to these domains. Also see Links.

Domain
2viacontas.com.br

Subject Issuer	Validity	Valid
2viacontas.com.br R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://vocedinheiro.com/
Frame ID: CCEFEAECE9FAABD4D5F73E4D0A203900
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/zrt_lookup.html
Frame ID: 2FD0FD227F3145FDDE17BBFDA655D0DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6639383159648577&output=html&adk=1812271804&adf=3025194257&lmt=1628560133&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvocedinheiro.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628560133261&bpp=3&bdt=1037&idt=70&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2003481578748&frm=20&pv=2&ga_vid=270196473.1628560133&ga_sid=1628560133&ga_hid=3430687&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1339352545306246&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=96
Frame ID: 0413F3023E05AEFA59D6C0E972054CCB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CAE5266BA8F25403319EB679ABE6B432
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7BB69B077072DF2D60DD9A76BCC9F430
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

45
Requests

84 %
HTTPS

86 %
IPv6

10
Domains

12
Subdomains

15
IPs

3
Countries

527 kB
Transfer

1413 kB
Size

6
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://2viacontas.com.br/
Title: 2ª VIA DE CONTAS

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/conta-de-luz/
Title: Conta de Luz

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/conta-de-agua/
Title: Conta de Água

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/conta-de-telefone/
Title: Conta de Telefone

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/conta-de-boleto/
Title: Boletos

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2-via-celpe/
Title: 2 ª VIA CELPE

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2-via-cosern/
Title: 2ª VIA COSERN

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/governo-vai-pagar-conta-de-luz-para-baianos/
Title: Governo do Estado vai Pagar Conta de Energia Para Milhões de baianos nos próximos 3 meses

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2a-via-compesa/
Title: 2ª VIA COMPESA

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2a-via-saae/
Title: 2ª VIA SAAE

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2a-via-edp-escelsa/
Title: 2ª VIA EDP ESCELSA

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2a-via-fies/
Title: 2ª VIA FIES

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2a-via-santander/
Title: 2ª VIA SANTANDER

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2a-via-caern/
Title: 2ª VIA CAERN

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/2a-via-cesan/
Title: 2ª VIA CESAN

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/page/2/
Title: 2

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/page/3/
Title: 3

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/page/6/
Title: 6

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/documentos/
Title: Documentos

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/financas/
Title: Finanças

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/imposto-municipal/
Title: Imposto Municipal

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/politica-de-privacidade-2/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/termos-de-uso/
Title: Termos de Uso

Search URL Search Domain Scan URL

URL: https://2viacontas.com.br/quem-somos/
Title: Quem Somos

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vocedinheiro.com/ 36 KB
10 KB 349ms
110ms Document
text/html 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

a90a05180251b410c4dfab9d4836e163a76ca5bea78bc44a77bf27cfff0847a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: vocedinheiro.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 10 Aug 2021 01:48:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://2viacontas.com.br/wp-json/>; rel="https://api.w.org/"
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
x-fastcgi-cache: HIT
content-encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-124181397-2

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b13d6757af36ef4b531a88e7e5f36399f83218d80efc6bb3d02af7eb054c0060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40793
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Aug 2021 01:48:52 GMT

GET
H2 200 dashicons.min.css
2viacontas.com.br/wp-includes/css/ 58 KB
35 KB 604ms
108ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-includes/css/dashicons.min.css?ver=5.8

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 12:26:05 GMT
server: nginx
x-powered-by: WordOps
etag: W/"607830dd-e688"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 elusive.min.css
2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/ 12 KB
2 KB 746ms
250ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

6cf390024b9fb02ae1756d257499f568393acc60c76ae6b13ce986a46f396e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 07 Aug 2021 08:23:13 GMT
server: nginx
x-powered-by: WordOps
etag: W/"610e42f1-31f0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 font-awesome.min.css
2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/ 30 KB
7 KB 746ms
251ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/font-awesome.min.css?ver=4.7.0

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

46cd92e74493c286e7cc9c8ed59a3cce3aec77edf6da51e4287d43349e496259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 07 Aug 2021 08:23:13 GMT
server: nginx
x-powered-by: WordOps
etag: W/"610e42f1-788d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 foundation-icons.min.css
2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/ 17 KB
3 KB 746ms
251ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

d51089ba164e46643145dc475cce83e53896a1e6541c68b20d841c1ab24e65b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 07 Aug 2021 08:23:13 GMT
server: nginx
x-powered-by: WordOps
etag: W/"610e42f1-439a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 genericons.min.css
2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/ 26 KB
16 KB 744ms
249ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

eeeecb59f46b1474b7b2cc02df510a8faa73438e20a41db43a74a1d91a4eeecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 07 Aug 2021 08:23:13 GMT
server: nginx
x-powered-by: WordOps
etag: W/"610e42f1-6836"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 extra.min.css
2viacontas.com.br/wp-content/plugins/menu-icons/css/ 815 B
400 B 746ms
252ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.12.9

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 07 Aug 2021 08:23:13 GMT
server: nginx
x-powered-by: WordOps
etag: W/"610e42f1-32f"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 style.min.css
2viacontas.com.br/wp-includes/css/dist/block-library/ 79 KB
10 KB 743ms
250ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.8

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 08:23:10 GMT
server: nginx
x-powered-by: WordOps
etag: W/"60fbcdee-13abe"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 wordpress-svg-icon-plugin-style.min.css
2viacontas.com.br/wp-content/plugins/svg-vector-icon-plugin/admin/css/ 31 KB
6 KB 743ms
250ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/svg-vector-icon-plugin/admin/css/wordpress-svg-icon-plugin-style.min.css?ver=5.8

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

dc961608c08d46f61c2128879161f64ce176ea2917e70677687aba66992a5652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 02 Dec 2019 18:29:28 GMT
server: nginx
x-powered-by: WordOps
etag: W/"5de55808-7d52"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 style.css
2viacontas.com.br/wp-content/themes/page-builder-framework/ 32 KB
7 KB 744ms
252ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/themes/page-builder-framework/style.css?ver=2.2

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

bfff72020675faeef30902e908bc4df09202dcbcfcde419ce4203046444aeb81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 28 Feb 2020 17:31:39 GMT
server: nginx
x-powered-by: WordOps
etag: W/"5e594e7b-7e4d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 responsive-min.css
2viacontas.com.br/wp-content/themes/page-builder-framework/css/min/ 8 KB
1 KB 742ms
250ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/themes/page-builder-framework/css/min/responsive-min.css?ver=2.2

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

6d0b5affd3b98fc8ce27176b7cc194e590d8a193b41885ba92c29c400e3c0260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 28 Feb 2020 17:31:39 GMT
server: nginx
x-powered-by: WordOps
etag: W/"5e594e7b-1f70"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 wpbf-premium.css
2viacontas.com.br/wp-content/plugins/wpbf-premium/css/ 15 KB
2 KB 743ms
251ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/wpbf-premium/css/wpbf-premium.css?ver=2.1.3

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

94f365c49c57df0144608a57b9ef4fa73c3969a0e2b21f73de23112fb672c773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 02 Dec 2019 18:16:14 GMT
server: nginx
x-powered-by: WordOps
etag: W/"5de554ee-3c95"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 wpbf-customizer-styles.css
2viacontas.com.br/wp-content/uploads/page-builder-framework/ 821 B
424 B 740ms
251ms Stylesheet
text/css 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/uploads/page-builder-framework/wpbf-customizer-styles.css?ver=2.2

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

bd848e8e662ebc21672a2933eb5d37f66695dfa9c60461c66078653799c4ba4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 18 Jun 2021 19:56:47 GMT
server: nginx
x-powered-by: WordOps
etag: W/"60ccfa7f-335"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 frontend-gtag.min.js Show response
2viacontas.com.br/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 741ms
252ms Script
application/javascript 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.8.0

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

40dd348a0a40e3117ce5a9b3d0fc49651749e4821c342e82b89039f4847b791d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 17 Jul 2021 08:23:13 GMT
server: nginx
x-powered-by: WordOps
etag: W/"60f29371-23ab"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 jquery.min.js Show response
2viacontas.com.br/wp-includes/js/jquery/ 87 KB
30 KB 741ms
253ms Script
application/javascript 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 08:23:10 GMT
server: nginx
x-powered-by: WordOps
etag: W/"60fbcdee-15db1"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57751817-3

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a95c1ffae8332007e8b899a5f791628d66ae3405c8b256fd69beb0c730a4ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40769
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Aug 2021 01:48:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8093ab4d254b73525654ed5a079b92046bb8a1b8ebf5106e6c64fdc783d42c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49427
x-xss-protection: 0
server: cafe
etag: 8704695781698676377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Aug 2021 01:48:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124181397-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 739
date: Tue, 10 Aug 2021 01:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 10 Aug 2021 03:36:34 GMT

GET
H2 200 isotope.js Show response
2viacontas.com.br/wp-content/plugins/wpbf-premium/js/ 35 KB
10 KB 663ms
252ms Script
application/javascript 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/wpbf-premium/js/isotope.js?ver=3.0.6

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 02 Dec 2019 18:16:14 GMT
server: nginx
x-powered-by: WordOps
etag: W/"5de554ee-8a75"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 site-min.js Show response
2viacontas.com.br/wp-content/themes/page-builder-framework/js/min/ 3 KB
1 KB 662ms
252ms Script
application/javascript 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/themes/page-builder-framework/js/min/site-min.js?ver=2.2

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

17f8a1d907bb7620edf41f4dc7b52aa4f27cf0e504c9f09c2713381ce9c9ca55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 28 Feb 2020 17:31:39 GMT
server: nginx
x-powered-by: WordOps
etag: W/"5e594e7b-bed"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 mobile-hamburger-min.js Show response
2viacontas.com.br/wp-content/themes/page-builder-framework/js/min/ 2 KB
713 B 662ms
252ms Script
application/javascript 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/themes/page-builder-framework/js/min/mobile-hamburger-min.js?ver=2.2

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

bd70fd680cd9850bbee69efe06f2012bedc7f8cb681973cf536b10ee42538369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 28 Feb 2020 17:31:39 GMT
server: nginx
x-powered-by: WordOps
etag: W/"5e594e7b-9d6"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H2 200 site.js Show response
2viacontas.com.br/wp-content/plugins/wpbf-premium/js/ 2 KB
618 B 662ms
253ms Script
application/javascript 149.56.180.102
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://2viacontas.com.br/wp-content/plugins/wpbf-premium/js/site.js?ver=2.1.3

Requested by

Host: vocedinheiro.com
URL: https://vocedinheiro.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.56.180.102 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip102.ip-149-56-180.net

Software

nginx / WordOps

Resource Hash

09f97c0f1ba89a81201523ea4323ec118730872c21786ccd6465e8399340eabd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:52 GMT
content-encoding: gzip
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 02 Dec 2019 18:16:14 GMT
server: nginx
x-powered-by: WordOps
etag: W/"5de554ee-7ed"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 10 Aug 2022 01:48:52 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57751817-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124181397-2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d32335802ed8fda27b80b817c82731efe86603ede03fc5bd32ebfe711779b84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40760
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Aug 2021 01:48:53 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Origin: https://vocedinheiro.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET fontawesome-webfont.woff2
2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/ 0
0

GET page-builder-framework.woff2
2viacontas.com.br/wp-content/themes/page-builder-framework/fonts/ 0
0

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=3430687&t=pageview&_s=1&dl=https%3A%2F%2Fvocedinheiro.com%2F&ul=en-us&de=UTF-8&dt=2%C2%AA%20VIA%20DE%20CONTAS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=607220350&gjid=1360646890&cid=270196473.1628560133&tid=UA-124181397-2&_gid=529694788.1628560133&_r=1&gtm=2ou840&did=dNDMyYj&z=1652725037

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:48:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vocedinheiro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/ 252 KB
93 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6639383159648577&plah=vocedinheiro.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10202b17617d47c2fac56e9c7aea4d46bdfd188cdea095bd04c11fe376662e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95615
x-xss-protection: 0
server: cafe
etag: 9756873598893185015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 10 Aug 2021 01:48:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/ Frame 2FD0 10 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210805/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vocedinheiro.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vocedinheiro.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 09 Aug 2021 19:45:39 GMT
expires: Mon, 23 Aug 2021 19:45:39 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 21794
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
12ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=3430687&t=pageview&_s=1&dl=https%3A%2F%2Fvocedinheiro.com%2F&ul=en-us&de=UTF-8&dt=2%C2%AA%20VIA%20DE%20CONTAS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=754077750&gjid=172535844&cid=270196473.1628560133&tid=UA-57751817-3&_gid=529694788.1628560133&_r=1&gtm=2ou840&did=dNDMyYj&z=539810881

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:48:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vocedinheiro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
661 B 89ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vocedinheiro.com&callback=_gfp_s_&client=ca-pub-6639383159648577

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6639383159648577&plah=vocedinheiro.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

47ed802bd8f6c712a4cb7bf5ae7c037ad24c3367a19dd244fc577e9ea1acf83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vocedinheiro.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 01:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vocedinheiro.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 01:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0413 603 B
68 B 36ms
34ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6639383159648577&output=html&adk=1812271804&adf=3025194257&lmt=1628560133&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvocedinheiro.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628560133261&bpp=3&bdt=1037&idt=70&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2003481578748&frm=20&pv=2&ga_vid=270196473.1628560133&ga_sid=1628560133&ga_hid=3430687&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1339352545306246&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=96

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6639383159648577&output=html&adk=1812271804&adf=3025194257&lmt=1628560133&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvocedinheiro.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628560133261&bpp=3&bdt=1037&idt=70&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2003481578748&frm=20&pv=2&ga_vid=270196473.1628560133&ga_sid=1628560133&ga_hid=3430687&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1339352545306246&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vocedinheiro.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vocedinheiro.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 10 Aug 2021 01:48:53 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 10-Aug-2021 02:03:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Aug 2021 01:48:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Tue, 10 Aug 2021 01:48:53 GMT

GET fontawesome-webfont.woff
2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/ 0
0

GET page-builder-framework.woff
2viacontas.com.br/wp-content/themes/page-builder-framework/fonts/ 0
0

GET fontawesome-webfont.ttf
2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/ 0
0

GET page-builder-framework.ttf
2viacontas.com.br/wp-content/themes/page-builder-framework/fonts/ 0
0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210805&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68bfcddea0a05c27df65ded108e9c4fb4f3b97df322bbe61841e9ad36bd9998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 01:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8583
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 10 Aug 2021 01:48:54 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CAE5 12 KB
5 KB 21ms
5ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vocedinheiro.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vocedinheiro.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 09 Aug 2021 23:04:56 GMT
expires: Tue, 09 Aug 2022 23:04:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7BB6 783 B
768 B 16ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4183e4b84b24ecf4a7735c67db8d30bdadbeb81d06d441101dd427878f1d6a87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RXRAx9RZcChK1NGZwjc0bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vocedinheiro.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vocedinheiro.com/

Response headers

expires: Tue, 10 Aug 2021 01:48:54 GMT
date: Tue, 10 Aug 2021 01:48:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-RXRAx9RZcChK1NGZwjc0bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame CAE5 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 432016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:48:38 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210805&jk=1339352545306246&bg=!MzClMHTNAAbOj6irzo87ACkAdvg8Wsmh7T4Qj1T1c5Q5k9FfH43ZmE2Ecp8sxG928_P-VS-4kCiFzAIAAABFUgAAAAtoAQeZAnyxQq7EdZw8Ql6_aC75YwULsVdm75iafD3d2MO1I4rPBfQ5g3ekfHhet5X9uOVeOsTO4vO_lJLfPEaILg7q68FR16dl5uKU7p2oC1uuB9kObNv5LqxURoGRvpFMh7bx5W536x9xuOt0bRyh1aCMAUbnMTAqHEdXHHbqdj07du_qq-Ycd4m7pQThe2RECxfHCYwWDl_-c2PB9sw9nvGIR-sG1vAT8ubXEyqYgqjEmpPwSZx-a2KfuNf-Y799TTzoo92E-fWPbi-qKLusH4M3IZ96B_IDCTtM08NHD-1oXwslOxBVmxbazq2ifoPVM_SbXve6E6RrV_PMWws6KRjF9A64a87qh92R1nOPtM3DYTpEB4NbG9XQL_NC3yy2-CzMqXmn8eIJZaO8_OPwv7DOLyC7LplEnmnX8qQSnkkO06KxBB250x0354_Aury-grjV_uvk_T3FKHmhgynQfHeFFzxgd-27Gwmp4MrA276X08cY2W3ixVyRNYSh-uj7uC8Bo7BA1MSrwsphnTA2mNLZJlkPyh5lOjGv_kD9SOv_K8EKBQNikkNBMvty_VIa4ofOQ_kva5hIOIeSf43Ulbf2PPXNxjh3uDegf1dYgT-K4QgvM4zeUua4w1yFPiNtm_so8F1TsBq9eHdvk9USvdOoG5O08qaiP-oCQbySuCYoH07XoNGL9v_GsmWw3dAcE0UNBxgTG_b4yTyr9bw2ZbHR1macEjsm7_OQTtNYUURNCkJc9mQJ-GaIc47xdnJFpckTvVD1EIP1uECBCXjEXLx9TkYoa5ERSQHfiJqpU6fnksYjrm5HWYwOfjUjfWQFbkiwsnHH3FUtWNRgAzOosv8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vocedinheiro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:48:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 2viacontas.com.br
URL: https://2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/fontawesome-webfont.woff2?v=4.7.0

Domain: 2viacontas.com.br
URL: https://2viacontas.com.br/wp-content/themes/page-builder-framework/fonts/page-builder-framework.woff2

Domain: 2viacontas.com.br
URL: https://2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/fontawesome-webfont.woff?v=4.7.0

Domain: 2viacontas.com.br
URL: https://2viacontas.com.br/wp-content/themes/page-builder-framework/fonts/page-builder-framework.woff

Domain: 2viacontas.com.br
URL: https://2viacontas.com.br/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/fontawesome-webfont.ttf?v=4.7.0

Domain: 2viacontas.com.br
URL: https://2viacontas.com.br/wp-content/themes/page-builder-framework/fonts/page-builder-framework.ttf

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:22:41	Name: test_cookie Value: CheckForPermission
.vocedinheiro.com/	1970-01-19 20:22:40	Name: _gat_gtag_UA_57751817_3 Value: 1
.vocedinheiro.com/	1970-01-20 05:44:16	Name: __gads Value: ID=8705ef6d86b8e406-229b422b9ac900d0:T=1628560133:RT=1628560133:S=ALNI_Ma4Ub5UtSVHfNMaavmsEPY6eqz0vQ
.vocedinheiro.com/	1970-01-19 20:22:40	Name: _gat_gtag_UA_124181397_2 Value: 1
.vocedinheiro.com/	1970-01-19 20:24:06	Name: _gid Value: GA1.2.529694788.1628560133
.vocedinheiro.com/	1970-01-20 13:53:52	Name: _ga Value: GA1.2.270196473.1628560133

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2viacontas.com.br
adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
vocedinheiro.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
2viacontas.com.br
142.250.184.226
149.56.180.102
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
09f97c0f1ba89a81201523ea4323ec118730872c21786ccd6465e8399340eabd
10202b17617d47c2fac56e9c7aea4d46bdfd188cdea095bd04c11fe376662e50
17f8a1d907bb7620edf41f4dc7b52aa4f27cf0e504c9f09c2713381ce9c9ca55
3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9
40dd348a0a40e3117ce5a9b3d0fc49651749e4821c342e82b89039f4847b791d
4183e4b84b24ecf4a7735c67db8d30bdadbeb81d06d441101dd427878f1d6a87
46cd92e74493c286e7cc9c8ed59a3cce3aec77edf6da51e4287d43349e496259
47ed802bd8f6c712a4cb7bf5ae7c037ad24c3367a19dd244fc577e9ea1acf83b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf390024b9fb02ae1756d257499f568393acc60c76ae6b13ce986a46f396e34
6d0b5affd3b98fc8ce27176b7cc194e590d8a193b41885ba92c29c400e3c0260
8093ab4d254b73525654ed5a079b92046bb8a1b8ebf5106e6c64fdc783d42c2a
8a95c1ffae8332007e8b899a5f791628d66ae3405c8b256fd69beb0c730a4ad1
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
94f365c49c57df0144608a57b9ef4fa73c3969a0e2b21f73de23112fb672c773
968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a90a05180251b410c4dfab9d4836e163a76ca5bea78bc44a77bf27cfff0847a2
b13d6757af36ef4b531a88e7e5f36399f83218d80efc6bb3d02af7eb054c0060
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd70fd680cd9850bbee69efe06f2012bedc7f8cb681973cf536b10ee42538369
bd848e8e662ebc21672a2933eb5d37f66695dfa9c60461c66078653799c4ba4c
bfff72020675faeef30902e908bc4df09202dcbcfcde419ce4203046444aeb81
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
d32335802ed8fda27b80b817c82731efe86603ede03fc5bd32ebfe711779b84d
d51089ba164e46643145dc475cce83e53896a1e6541c68b20d841c1ab24e65b9
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d68bfcddea0a05c27df65ded108e9c4fb4f3b97df322bbe61841e9ad36bd9998
dc961608c08d46f61c2128879161f64ce176ea2917e70677687aba66992a5652
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
eeeecb59f46b1474b7b2cc02df510a8faa73438e20a41db43a74a1d91a4eeecb

vocedinheiro.com Open in urlscan Pro 149.56.180.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

45 Requests

84 %HTTPS

86 %IPv6

10 Domains

12 Subdomains

15 IPs

3 Countries

527 kBTransfer

1413 kBSize

6 Cookies

24 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vocedinheiro.com Open in urlscan Pro
149.56.180.102 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

84 %
HTTPS

86 %
IPv6

10
Domains

12
Subdomains

15
IPs

3
Countries

527 kB
Transfer

1413 kB
Size

6
Cookies

45 HTTP transactions
1 data transactions