rumoaliberdadefinanceira.com Open in urlscan Pro
35.247.253.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rumoaliberdadefinanceira.com/?shiny
Effective URL:
https://rumoaliberdadefinanceira.com/?shiny
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com Search All
Submission: On March 26 via api (March 26th 2023, 11:29:35 pm UTC) from JP — Scanned from JP

Summary HTTP 22 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 22 HTTP transactions. The main IP is 35.247.253.234, located in São Paulo, Brazil and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rumoaliberdadefinanceira.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 24th 2023. Valid for: 3 months.

This is the only time rumoaliberdadefinanceira.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	35.247.253.234 35.247.253.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2606:4700::68... 2606:4700::6812:4dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:400a:804::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4004:825::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:187:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
22	9

2 35.247.253.234 (São Paulo, Brazil) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.253.247.35.bc.googleusercontent.com

rumoaliberdadefinanceira.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:4dd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.greatpages.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r3-pages-views.greatpages.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:804::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:187:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	greatpages.com.br cdn.greatpages.com.br r3-pages-views.greatpages.com.br	666 KB
4	gstatic.com fonts.gstatic.com	178 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 845	88 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	137 KB
2	rumoaliberdadefinanceira.com 1 redirects rumoaliberdadefinanceira.com	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
22	8

	Domain	Requested by
8	cdn.greatpages.com.br	rumoaliberdadefinanceira.com
4	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	rumoaliberdadefinanceira.com
2	use.fontawesome.com	cdn.greatpages.com.br use.fontawesome.com
2	connect.facebook.net	cdn.greatpages.com.br connect.facebook.net
2	rumoaliberdadefinanceira.com	1 redirects
1	r3-pages-views.greatpages.com.br	cdn.greatpages.com.br
1	www.googletagmanager.com	cdn.greatpages.com.br
1	fonts.googleapis.com	cdn.greatpages.com.br
22	9

This site contains links to these domains. Also see Links.

Domain
www.oxigeniofinanceiro.com
api.whatsapp.com

Subject Issuer	Validity	Valid
rumoaliberdadefinanceira.com ZeroSSL RSA Domain Secure Site CA	`2023-03-24` - `2023-06-22`	3 months	crt.sh
cdn.greatpages.com.br Cloudflare Inc ECC CA-3	`2022-10-20` - `2023-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.greatpages.com.br E1	`2023-03-08` - `2023-06-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rumoaliberdadefinanceira.com/?shiny
Frame ID: 12EB2EDD427E6A7918A5CBBF8F31BED2
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Desafio Rumo à Liberdade Financeira

Page URL History Show full URLs

http://rumoaliberdadefinanceira.com/?shiny HTTP 302
https://rumoaliberdadefinanceira.com/?shiny Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

22
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

1126 kB
Transfer

1814 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.oxigeniofinanceiro.com/politica-de-privacidade
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=351927659646

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rumoaliberdadefinanceira.com/?shiny HTTP 302
https://rumoaliberdadefinanceira.com/?shiny Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
rumoaliberdadefinanceira.com/
Redirect Chain

http://rumoaliberdadefinanceira.com/?shiny
https://rumoaliberdadefinanceira.com/?shiny

115 KB
17 KB

814ms
275ms

Document
text/html

35.247.253.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.247.253.234 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

234.253.247.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

2254cf1e3791bfa3e1bdd36558759f24c6fa39c497376de5023a23b4599fed7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: public
Connection: close
Content-Type: text/html
Date: Sun, 26 Mar 2023 23:29:30 GMT
Expires: Mon, 27 Mar 2023 00:29:30 GMT
RateLimit-Limit: 60
RateLimit-Remaining: 59
RateLimit-Reset: 41
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Powered-By: Express
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;

Redirect headers

Connection: close
Content-Length: 130
Content-Type: text/html; charset=utf-8
Date: Sun, 26 Mar 2023 23:29:29 GMT
Location: https://rumoaliberdadefinanceira.com/?shiny
Vary: Accept
X-Powered-By: Express

GET
H/1.1 200
OK css.css
cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/ 23 KB
6 KB 423ms
402ms Stylesheet
text/css 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/css.css

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

097b90c0ca622b2f50ca1d357eac0affa2c24977972415bb74c4789827228753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 26 Mar 2023 23:29:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Mar 2023 18:37:57 GMT
Server: cloudflare
ETag: W/"c7fa7167e06f26f3f188badecfba0b85"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 7ae32d16cf84af9f-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Mon, 25 Mar 2024 23:29:31 GMT

GET
H/1.1 200
OK js.js Show response
cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/ 138 KB
30 KB 1573ms
1553ms Script
application/javascript 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/js.js

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a046e905411d34c2d73802ccf7c2599b9991c5819e39693ac25924436772f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 26 Mar 2023 23:29:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Mar 2023 18:37:57 GMT
Server: cloudflare
ETag: W/"3fd76e84218d11467d4065c510c8cbff"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 7ae32d16c8d880d7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Mon, 25 Mar 2024 23:29:31 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba00f0bc83ac4d9a64a46b4dd7423a857f9cb13e681d3cff876ef326d4b5111d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
2 KB 101ms
46ms Stylesheet
text/css 2404:6800:400a:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;0,800;1,400;1,700;1,800&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Material+Icons&display=swap

Requested by

Host: cdn.greatpages.com.br
URL: https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/js.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:804::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8adbbcb426cc5e15732492ff7bc82d4f18c8e97f0faa41b90044a0d2713d9580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Mar 2023 23:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 26 Mar 2023 23:29:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 15ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.greatpages.com.br
URL: https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/js.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1024b15789c74b9531cd607b7507c13723879a74bebd70658bec6ed92c025aa7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 26 Mar 2023 23:29:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cgwfEP3b2TP4bBnuG0A07XkfEaqsrVvGkub4H5tauxcaXNEBexhRgqQYFx0Lv3XLf0iFhzcsIdq6LHOZo8IRtg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.13.0/css/ 57 KB
13 KB 21ms
9ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by: Host: cdn.greatpages.com.br
URL: https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Referer: https://rumoaliberdadefinanceira.com/
Origin: https://rumoaliberdadefinanceira.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 26 Mar 2023 23:29:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0DVHWEDR9YBTMBWN
age: 117501
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PaYQ+ZOUdhIeSquehfgPPoaNyXViAnL1Ns/IYNfA3kJlPRUgKSgmgpb55PQnWPiF4Gh4id0IacCntr6+CL+xA+BU52lI2esEheBt04Uairs=
last-modified: Wed, 30 Jun 2021 15:38:38 GMT
server: cloudflare
etag: W/"76cb46c10b6c0293433b371bae2414b2"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEG3%2Fbc76SVFjpaapKH6GInqw1UK25culAu%2FgDFylpX%2FI6J8diln0M75wRBNraprLXCKhQbw5sLzXtBj3fH8IEmmViQDjOwUBmDOV04REa141bmfy%2FG%2FuHkTMUuSFpBwoVf4d4tUnVPqh%2BMNRjdLJLOd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7ae32d20cfd0afb8-NRT

GET
H2 200 220434849191830 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 248ms
248ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/220434849191830?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acf7dfc7df62ae1c6b8814b73d2d27c98c833a228b4632e676f04d9ffed8a51a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 26 Mar 2023 23:29:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6DB81WxDZBx10Qtk5T0l9IN3Ixp2mvdFL+cz4xDfhKxhtJeUs5jv+yi8Tx+IvXNWQxCrPDiDIa2phHgMWwUWCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 196692_1_167954406291450888.png
cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/ 69 KB
70 KB 905ms
904ms Image
image/png 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/196692_1_167954406291450888.png

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510ba89f4d25d8b6bbddebcca01e76177666b64f565706bb8f7be151d0d8ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 26 Mar 2023 23:29:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Mar 2023 18:37:56 GMT
Server: cloudflare
ETag: "ebe334390193439ef12107de3df5e028"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7ae32d20df2880d7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 71166
Expires: Mon, 25 Mar 2024 23:29:33 GMT

GET
H/1.1 200
OK 196692_1_167954418696202237.jpg
cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/ 2 KB
3 KB 278ms
277ms Image
image/jpeg 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/196692_1_167954418696202237.jpg

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3811a550e590abdedebc0854498928674dfc3baec33ef0b46edb0f1cceaebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 26 Mar 2023 23:29:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Mar 2023 18:37:56 GMT
Server: cloudflare
ETag: "5b862c7fbb33b448f0c9c3a5a9e811e1"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7ae32d20de52af9f-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2437
Expires: Mon, 25 Mar 2024 23:29:32 GMT

GET
H/1.1 200
OK 196692_1_167954419647647361.png
cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/ 5 KB
6 KB 436ms
431ms Image
image/png 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/196692_1_167954419647647361.png

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920b318b0327eb9ad6dcedfabb45f0ddc133cd456ec311597e2641687dcf158d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 26 Mar 2023 23:29:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Mar 2023 18:37:56 GMT
Server: cloudflare
ETag: "75d28adf6c452ef3abd7ce291d4f836c"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7ae32d20dad23481-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5122
Expires: Mon, 25 Mar 2024 23:29:32 GMT

GET
H/1.1 200
OK 196692_1_167966827916244483.jpg
cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/ 5 KB
6 KB 927ms
921ms Image
image/jpeg 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/196692_1_167966827916244483.jpg

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d53cbe39410f1cb390e979e7b4cbe76d65eca9ec986e9bfcb2320eacd11acb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 26 Mar 2023 23:29:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Mar 2023 18:37:56 GMT
Server: cloudflare
ETag: "fec8db9af560742413c9af91758b5a7f"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7ae32d20e9f380d5-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5290
Expires: Mon, 25 Mar 2024 23:29:33 GMT

GET
H/1.1 200
OK 196692_1_1679543795641bcdf340239.jpg
cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/ 541 KB
542 KB 511ms
503ms Image
image/jpeg 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/196692_1_1679543795641bcdf340239.jpg

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b42c01feea1c5cfb48b91d6f8606ab84c0af66ec9ada716decf641ba0bc1771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 26 Mar 2023 23:29:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Mar 2023 18:37:56 GMT
Server: cloudflare
ETag: "cb4cdd8b71ec183cf4237ca67524c122"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7ae32d20ee0f204d-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 554082
Expires: Mon, 25 Mar 2024 23:29:32 GMT

GET
H/1.1 200
OK 196692_1_1679543795641bcdf340265.jpg
cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/ 3 KB
4 KB 992ms
984ms Image
image/jpeg 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/imagens/desktop/196692_1_1679543795641bcdf340265.jpg

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d030a91d383e45708da17fc747bf7f1f9f859376405e9bd692a07985f169e0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 26 Mar 2023 23:29:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Mar 2023 18:37:56 GMT
Server: cloudflare
ETag: "a770226a297372cde90defd473f91aec"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7ae32d20ebf98a60-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3559
Expires: Mon, 25 Mar 2024 23:29:33 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 75 KB
75 KB 7ms
7ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin: https://rumoaliberdadefinanceira.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 26 Mar 2023 23:29:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y97X10GF860QGBXZ
age: 117499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76612
x-amz-id-2: QV/qVC2mCO9/hyEf3WVuFhcc7DCqkgzFo3s9eJMkHCzESVwToab+WX7D6cyJ/70iRKeDz5J4BmM=
last-modified: Wed, 30 Jun 2021 15:39:01 GMT
server: cloudflare
etag: "a06da7f0950f9dd366fc9db9d56d618a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjbvsNM1aKDhnu6G0H7uANjRXVx0kYOLXqbLt5mOg5T7CoE2DGAgvCipHAWxIuLmCDpS%2Fl3cClqs3wO%2FVWWiOBVoF5tgwKLu7lEZJAhQki2d%2Fw9avHQBi2Azy823cS6teCvnjRW6y4M%2FVZoo7aO667vo"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7ae32d20ffe5afb8-NRT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 46ms
5ms Font
font/woff2 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;0,800;1,400;1,700;1,800&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Material+Icons&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rumoaliberdadefinanceira.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 24 Mar 2023 11:47:39 GMT
x-content-type-options: nosniff
age: 214913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30856
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Mar 2024 11:47:39 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v140/ 126 KB
126 KB 45ms
5ms Font
font/woff2 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rumoaliberdadefinanceira.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 24 Mar 2023 11:47:38 GMT
x-content-type-options: nosniff
age: 214914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128616
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Mar 2024 11:47:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 33ms
3ms Font
font/woff2 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rumoaliberdadefinanceira.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 24 Mar 2023 11:47:37 GMT
x-content-type-options: nosniff
age: 214915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Mar 2024 11:47:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 32ms
3ms Font
font/woff2 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rumoaliberdadefinanceira.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 24 Mar 2023 11:47:37 GMT
x-content-type-options: nosniff
age: 214915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Mar 2024 11:47:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
38 KB 88ms
46ms Script
application/javascript 2404:6800:4004:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3ZDCRF

Requested by

Host: cdn.greatpages.com.br
URL: https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/js.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc388112b451fd6689d390a45956a2b96acc7fe94eacfddcac151c1f85b9e7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 26 Mar 2023 23:29:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38799
x-xss-protection: 0
last-modified: Sun, 26 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Mar 2023 23:29:32 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 11ms
3ms Image
text/plain 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=220434849191830&ev=PageView&dl=https%3A%2F%2Frumoaliberdadefinanceira.com%2F%3Fshiny&rl=&if=false&ts=1679873372589&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22471001407210660%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22379417346650662%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1679873372588.1400243472&it=1679873372286&coo=false&rqm=GET

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 26 Mar 2023 23:29:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
r3-pages-views.greatpages.com.br/ 0
0 314ms
274ms Script
application/json 2606:4700::6812:4dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r3-pages-views.greatpages.com.br/?g=eyJ2IjoxLCJhIjoicGFnZXZpZXciLCJzIjoiYVYwcHNZMjFTYUZwSFZtMWhWelZvWW0xT2JHRllTbWhNYlU1MllsTTRURlV6TlVwSVIyY1hjMGVtdzBTRmR3VFd4U2QwUmhTRkl3WTBoTk5reDVPVE5rTTJOMVkyNVdkR0l5Um5OaCIsImQiOiIyMDIzLTAzLTI2IDIzOjI5OjMyIiwiZSI6IkdQYWdlcy45NDEyMTY3OTg3MzM3MjI2MSIsImkiOiJiRlhOVEJhVjJSNVdWZE9hR0l4T1cxWlYwNXNXVzA1ZG1FeE9YZGhXR2hzWWtZNWJHUnRWblZrUnpsbVdWZE9iR016VG5aWU0wSnNZMjVPZG1KdFJuTmhXSEJvV2tjNGFVOXROVEZpUjNkelNXMXNkV1JIVm01amJVWnFXVmM1WmxwdFJtcGFWMHAyWWpKMFptTkhiRFJhVjNobVdsaGFiR0p1VW5aSmFtOXBWVWRHYmxwV1duQmFXR05wVEVOS2NHSnVVbXhhTTBwb1dUSkdkbGd5V21oWk1sWnBZakk1Y2xnelFuQmxSMVp6V0RKV01scFhOVEJpTVRsM1dsaEtlbUl5TldoaVIydzJXVmRTZGtscWNIVmtWM2h6VEVOS2NHSnVVbXhhTTBwb1dUSkdkbGd5V21oWk1sWnBZakk1Y2xnelFuQmxSMVp6V0RKV01scFhOVEJpTVRscVlqSTFNRnBZVm10aU1Ua3lXVmQ0ZG1OcFNUWkpha0YxVFVSQmFVeERTbkJpYmxKc1dqTkthRmt5Um5aWU1scG9XVEpXYVdJeU9YSllNMEp3WlVkV2MxZ3lWakphVnpVd1lqRTVhbUl5TlRCYVdGWnJZakU1ZEdJeVZtdFpVMGsyU1dwQmFXWlJiV055TkdKbWQyUUZkVk1tNDVNMngyZWt4cFFtNWxlVXB3V2tZNWJrbHFiMmxOYWswd1QwUmphVXhEU25CYVJqbDNXVmRrY0dKdFJXbFBhVWw0VDFSWk1rOVVTV2xNUTBwd1drWTVhMkl5TVhCaWJXeDJTV3B2YVU1cVVYZE9hbU5wVEVOS2NHSnVVbXhhTTBwb1dUSkdkbGd5V21oWk1sWnBZakk1Y2xnelVuWmhNbFoxU1dwd2RXUlhlSE5NUTBwd1ltNVNiRm96U21oWk1rWjJXREphYUZreVZtbGlNamx5V0ROQ2NHVkhWbk5ZTW1ob1dXMXNjMkZZVW1oamFVazJZbTVXYzJKRGQybGhWelV3V2xka2VWbFhUbWhpTVRsdFdWZE9iRmx0T1haaE1UbDNZVmhvYkdKR09XeGtiVloxWkVjNVptUkhWbnBrUjFWcFQyMDFNV0pIZDNOSmJXeDFaRWRXYm1OdFJtcFpWemxtV20xR2FscFhTblppTW5SbVkwZHNORnBYZDJsUGJUVXhZa2QzYzBsdGJIVmtSMVp1WTIxR2FsbFhPV1phYlVacVdsZEtkbUl5ZEdaalIydzBXbGQ0WmxwWVdteGlibEoyV0RKR2FscFlUbnBpZVVrMlNXeENhRm95VmxkaFYxWXpTV2wzYVciLCJjIjoiZmIuMS4xNjc5ODczMzcyNTg4LjE0MDAyNDM0NzIifQ==
Requested by: Host: cdn.greatpages.com.br
URL: https://cdn.greatpages.com.br/www.rumoaliberdadefinanceira.com/1679683075/js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 6ms
2ms Image
text/plain 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=220434849191830&ev=Microdata&dl=https%3A%2F%2Frumoaliberdadefinanceira.com%2F%3Fshiny&rl=&if=false&ts=1679873373096&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Desafio%20Rumo%20%C3%A0%20Liberdade%20Financeira%22%2C%22meta%3Adescription%22%3A%22Sentes-te%20preso%20numa%20situa%C3%A7%C3%A3o%20financeira%20dif%C3%ADcil%3F%20Tens%20dificuldades%20para%20pagar%20as%20contas%20todos%20os%20meses%20ou%20n%C3%A3o%20sabes%20como%20economizar%20dinheiro%3F%20Ent%C3%A3o%20o%20Desafio%20Rumo%20%C3%A0%20Liberdade%20Financeira%20%C3%A9%20para%20ti!%20Neste%20desafio%2C%20vais%20aprender%20os%20passos%20essenciais%20para%20sa%C3%ADres%20%20das%20d%C3%ADvidas%20e%20conquistares%20a%20liberdade%20financeira%20em%20apenas%22%2C%22meta%3Akeywords%22%3A%22Finan%C3%A7as%2C%20Dinheiro%2C%20Liberdade%20Financeira%2C%20Educa%C3%A7%C3%A3o%20Financeira%2C%20Investimentos%2C%20Curso%20de%20finan%C3%A7as%2C%20finan%C3%A7as%20pessoais%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Desafio%20Rumo%20%C3%A0%20Liberdade%20Financeira%22%2C%22og%3Adescription%22%3A%22Descobre%20o%20passo%20a%20passo%20para%20sa%C3%ADres%20do%20zero%20e%20alcan%C3%A7ares%20a%20liberdade%20financeira%20em%20apenas%204%20aulas!%22%2C%22og%3Asite_name%22%3A%22Desafio%20Rumo%20%C3%A0%20Liberdade%20Financeira%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.rumoaliberdadefinanceira.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.greatsoftwares.com.br%2Farquivos%2Fpaginas%2F23487-54208e55e21b3d9541c5533955e7a419.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fcdn.greatsoftwares.com.br%2Farquivos%2Fpaginas%2F23487-54208e55e21b3d9541c5533955e7a419.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1679873372588.1400243472&it=1679873372286&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: rumoaliberdadefinanceira.com
URL: https://rumoaliberdadefinanceira.com/?shiny

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rumoaliberdadefinanceira.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 26 Mar 2023 23:29:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rumoaliberdadefinanceira.com/	1970-01-20 12:47:29	Name: _fbp Value: fb.1.1679873372588.1400243472

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.greatpages.com.br
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
r3-pages-views.greatpages.com.br
rumoaliberdadefinanceira.com
use.fontawesome.com
www.facebook.com
www.googletagmanager.com
2404:6800:4004:820::2008
2404:6800:4004:825::2003
2404:6800:400a:804::200a
2606:4700::6812:4dd
2606:4700:e2::ac40:840f
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:187:face:b00c:0:25de
35.247.253.234
097b90c0ca622b2f50ca1d357eac0affa2c24977972415bb74c4789827228753
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1024b15789c74b9531cd607b7507c13723879a74bebd70658bec6ed92c025aa7
2254cf1e3791bfa3e1bdd36558759f24c6fa39c497376de5023a23b4599fed7c
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
6510ba89f4d25d8b6bbddebcca01e76177666b64f565706bb8f7be151d0d8ad4
6a046e905411d34c2d73802ccf7c2599b9991c5819e39693ac25924436772f4e
6d3811a550e590abdedebc0854498928674dfc3baec33ef0b46edb0f1cceaebe
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8adbbcb426cc5e15732492ff7bc82d4f18c8e97f0faa41b90044a0d2713d9580
8b42c01feea1c5cfb48b91d6f8606ab84c0af66ec9ada716decf641ba0bc1771
920b318b0327eb9ad6dcedfabb45f0ddc133cd456ec311597e2641687dcf158d
acf7dfc7df62ae1c6b8814b73d2d27c98c833a228b4632e676f04d9ffed8a51a
ba00f0bc83ac4d9a64a46b4dd7423a857f9cb13e681d3cff876ef326d4b5111d
cc388112b451fd6689d390a45956a2b96acc7fe94eacfddcac151c1f85b9e7de
d030a91d383e45708da17fc747bf7f1f9f859376405e9bd692a07985f169e0bb
d53cbe39410f1cb390e979e7b4cbe76d65eca9ec986e9bfcb2320eacd11acb2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

rumoaliberdadefinanceira.com Open in urlscan Pro 35.247.253.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

88 %IPv6

8 Domains

9 Subdomains

9 IPs

4 Countries

1126 kBTransfer

1814 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

rumoaliberdadefinanceira.com Open in urlscan Pro
35.247.253.234 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

1126 kB
Transfer

1814 kB
Size

1
Cookies

22 HTTP transactions
1 data transactions