urlscan.io logo urlscan.io
SecurityTrails logo

www.geradordefakenews.com Open in urlscan Pro
2a02:4780:13:1281:0:39c8:6433:2  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.geradordefakenews.com/
Effective URL: https://www.geradordefakenews.com/
Submission: On January 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 52 HTTP transactions. The main IP is 2a02:4780:13:1281:0:39c8:6433:2, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is www.geradordefakenews.com.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.
This is the only time www.geradordefakenews.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

11    2a02:4780:13:1281:0:39c8:6433:2 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)
www.geradordefakenews.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
10    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
phicmune.net
3    2606:4700:10::6816:1d50 (United States)

ASN13335 (CLOUDFLARENET, US)
storage.ko-fi.com
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 geradordefakenews.com
www.geradordefakenews.com
191 KB
10 phicmune.net
phicmune.net — Cisco Umbrella Rank: 172259
60 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1230
syndication.twitter.com — Cisco Umbrella Rank: 1527
148 KB
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 29111
ui.cleverwebserver.com — Cisco Umbrella Rank: 30174
call.cleverwebserver.com — Cisco Umbrella Rank: 30865
48 KB
3 ko-fi.com
storage.ko-fi.com — Cisco Umbrella Rank: 46295
9 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 955
138 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6518
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
412 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
www.google.com — Cisco Umbrella Rank: 2
660 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
34 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
149 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
15 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
551 B
1 gstatic.com
fonts.gstatic.com
28 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
6 KB
52 17
Domain Requested by
11 www.geradordefakenews.com 1 redirects www.geradordefakenews.com
10 phicmune.net www.geradordefakenews.com
phicmune.net
4 platform.twitter.com www.geradordefakenews.com
platform.twitter.com
3 storage.ko-fi.com www.geradordefakenews.com
storage.ko-fi.com
2 static.xx.fbcdn.net www.facebook.com
2 syndication.twitter.com platform.twitter.com
2 www.google.de www.geradordefakenews.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.geradordefakenews.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.geradordefakenews.com
www.googletagmanager.com
1 www.facebook.com connect.facebook.net
1 call.cleverwebserver.com www.geradordefakenews.com
1 ui.cleverwebserver.com www.geradordefakenews.com
1 my.rtmark.net www.geradordefakenews.com
1 www.google.com www.geradordefakenews.com
1 fonts.gstatic.com fonts.googleapis.com
1 scripts.cleverwebserver.com www.geradordefakenews.com
1 fonts.googleapis.com storage.ko-fi.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdnjs.cloudflare.com www.geradordefakenews.com
1 ajax.googleapis.com www.geradordefakenews.com
52 22

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
ko-fi.com
Subject Issuer Validity Valid
geradordefakenews.com
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-04 -
2024-02-02		 3 months crt.sh
phicmune.net
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
syndication.twitter.com
R3		 2023-12-11 -
2024-03-10		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.geradordefakenews.com/
Frame ID: A71F80FF0A324DE8112213D8410BA193
Requests: 43 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.geradordefakenews.com
Frame ID: A7E1FBE2DF7B8C02A3BDAC1265F25244
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 00A8E3D9FC8284BAA565C1373E1090F7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v7.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7b034c2d9634a516%26domain%3Dwww.geradordefakenews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.geradordefakenews.com%252Ffd6868f4e3a1562c3%26relation%3Dparent.parent&container_width=380&href=https%3A%2F%2Fwww.geradordefakenews.com%2F&layout=button_count&locale=pt_BR&sdk=joey&size=small
Frame ID: EC710F61E3DB93C99AD6449281E8959E
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Frame ID: 620A1445B5E6FE68699F6C2E43E75C87
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gerador de Fake News | Crie sua pegadinha

Page URL History Show full URLs

  1. http://www.geradordefakenews.com/ HTTP 301
    https://www.geradordefakenews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

100 %
HTTPS

84 %
IPv6

17
Domains

22
Subdomains

20
IPs

5
Countries

936 kB
Transfer

2729 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.geradordefakenews.com/ HTTP 301
    https://www.geradordefakenews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.geradordefakenews.com/
Redirect Chain
  • http://www.geradordefakenews.com/
  • https://www.geradordefakenews.com/
72 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
581fde8cae78d14b1370da608b40faead1ac015ffb2b777a84795f054283785c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
28581
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 26 Jan 2024 16:37:35 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 26 Jan 2024 16:37:34 GMT
location
https://www.geradordefakenews.com/
platform
hostinger
server
LiteSpeed
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-167879703-1
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46208366ebf4d2f55454cd14cf38fbea1d776cd4331edf46ae0be6450da7acaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69730
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Jan 2024 16:37:35 GMT
gerador.js
www.geradordefakenews.com/ 		181 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geradordefakenews.com/gerador.js
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3b873dfa21ab70a40e6928888eb9abb76463d8edebc1f85bf8c5f795ca69e081
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 28 Nov 2023 16:31:33 GMT
server
LiteSpeed
etag
"2d2d3-656615e5-e9937586ef617019;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
70775
expires
Fri, 02 Feb 2024 16:37:35 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 08:53:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 08:53:42 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2QFH9Z28KW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167879703-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
271189d7e683668f0251ae0af836888fb21dc6ef8caccfb0b2d6ecf100f225cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82161
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 16:37:35 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167879703-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 15:30:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4012
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 26 Jan 2024 17:30:44 GMT
reset.css
www.geradordefakenews.com/ 		1 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geradordefakenews.com/reset.css
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Oct 2022 22:21:51 GMT
server
LiteSpeed
etag
"444-6345ec7f-2c9cfd0888f3bac5;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
525
expires
Fri, 02 Feb 2024 16:37:35 GMT
estilos.css
www.geradordefakenews.com/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geradordefakenews.com/estilos.css
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a1d34b0ceaf5ff187d50d8bbba23e0f783afd118c999a3d9d2fb6668452155d4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 28 Nov 2023 16:35:53 GMT
server
LiteSpeed
etag
"4bb6-656616e9-7782f1318c2f6c66;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
3797
expires
Fri, 02 Feb 2024 16:37:35 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
135375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlcyFm8E4Houw2AU2XGwOWxeD8%2BwgbAvMXJISeUNL49s8HSNzfcT1zJtnCxfxhp33PN8%2F9pzi0AMBAwFVvM5nXseKZkQttTY8kQmYQW1lSdNFc%2Fa1N%2BF00U8v5mlQ4FnQuiY0ZoVLlY1LZ%2Fyt3T5QKM1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84ba2e71bd0e085a-FRA
expires
Wed, 15 Jan 2025 16:37:35 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ab787ba8fab7dceaaac4ba03f7b1e498dca7b18b42693217a49f3b1a1e09651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.geradordefakenews.com/
Origin
https://www.geradordefakenews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 16:37:36 GMT
content-md5
sirkdgdFAcrPVopouhdn3Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
GBDat0PsF4cctQOzmtNsy+NT8Buenpt/azVwLVWmgZj9Su85ysJUBxpgzqDAlgdwGqp4HInBv3n1Ygr27XHXGQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
3442071f5764074beb9bb9e890e92909
cross-origin-opener-policy
same-origin-allow-popups
etag
"e936cebe58e5e20b4b0b507ac405b7d0"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 26 Jan 2024 16:50:51 GMT
logo.png
www.geradordefakenews.com/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geradordefakenews.com/logo.png
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
de91c27ad558aa3d85825d6c72cf89a6a18e68bad5d9978196bd3bd3b6df0121
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:35 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Oct 2022 22:21:50 GMT
server
LiteSpeed
etag
"b2da-6345ec7e-814ff6c734777db7;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
45786
expires
Fri, 02 Feb 2024 16:37:35 GMT
ntfc.php
phicmune.net/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/ntfc.php?p=4652689
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a9d329434857a7315aad3daf6f473ccf7842d3c36076e2f6be7b8da51afe9103

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:36 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2024 14:26:35 GMT
server
nginx
etag
W/"65b3c11b-3731"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
Widget_2.js
storage.ko-fi.com/cdn/widget/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.ko-fi.com/cdn/widget/Widget_2.js
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8cc7536bf94d03004fa21c405a2281878fb1296a61a9dfeb55cc27a53c6ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:35 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
OrvIUQF0Mg8EkV9ejBdWSw==
age
5586
cf-polished
origSize=3628
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 24 Oct 2022 16:33:26 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a45caea3-001e-0020-2d15-1674fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
84ba2e71cef72c6e-FRA
personalizadoverde.png
www.geradordefakenews.com/ 		737 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geradordefakenews.com/personalizadoverde.png
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
109b319351e682be42616513c58cbed6f023235515e875fb80ef7dabc4d99d49
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.geradordefakenews.com/
Origin
https://www.geradordefakenews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:35 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 28 Nov 2023 16:29:17 GMT
server
LiteSpeed
etag
"2e1-6566155d-fcfb086133e1d52b;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
737
expires
Fri, 02 Feb 2024 16:37:35 GMT
barra_redessociais.png
www.geradordefakenews.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geradordefakenews.com/barra_redessociais.png
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a125ab37275fe746604e8140ee6319c0ee56b4a7c3515ce837fa10264c73d866
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:36 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Oct 2022 22:21:43 GMT
server
LiteSpeed
etag
"de7-6345ec77-9abe397b0cc19bb8;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3559
expires
Fri, 02 Feb 2024 16:37:36 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 16:37:36 GMT
Content-Encoding
gzip
Age
336
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/668D)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2QFH9Z28KW&gtm=45je41o0v9121905324&_p=1706287055377&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=768660864.1706287056&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1706287055&sct=1&seg=0&dl=https%3A%2F%2Fwww.geradordefakenews.com%2F&dt=Gerador%20de%20Fake%20News%20%7C%20Crie%20sua%20pegadinha&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1730
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QFH9Z28KW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.geradordefakenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2QFH9Z28KW&cid=768660864.1706287056&gtm=45je41o0v9121905324&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QFH9Z28KW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.geradordefakenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2QFH9Z28KW&cid=768660864.1706287056&gtm=45je41o0v9121905324&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=74382853
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html2canvas.min.js
www.geradordefakenews.com/ 		161 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geradordefakenews.com/html2canvas.min.js
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/gerador.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d2ca6269b778e4c7f46030aa5f03342143deeb77c06bd632856a6fa5e2e8bf1f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:36 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Oct 2022 22:21:49 GMT
server
LiteSpeed
etag
"28411-6345ec7d-252f356a6965556e;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
38857
expires
Fri, 02 Feb 2024 16:37:36 GMT
/
www.geradordefakenews.com/ 		0
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geradordefakenews.com/
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:36 GMT
content-security-policy
upgrade-insecure-requests
server
LiteSpeed
platform
hostinger
x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
/
www.geradordefakenews.com/ 		908 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geradordefakenews.com/
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1281:0:39c8:6433:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:36 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
server
LiteSpeed
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
platform
hostinger
content-length
28581
css
fonts.googleapis.com/ 		2 KB
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:400,700
Requested by
Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/widget/Widget_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83ef0e9bf00ac7014e3f83fdc9e9e5aec1760ab5495f086e95ea0b0f8f4467c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 16:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 15:45:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 16:37:36 GMT
cup-border.png
storage.ko-fi.com/cdn/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.ko-fi.com/cdn/cup-border.png
Requested by
Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/widget/Widget_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:36 GMT
cf-cache-status
HIT
content-md5
nt+i2V4lVEX5fauLp9jhTw==
age
3396
cf-polished
origFmt=png, origSize=11273
content-disposition
inline; filename="cup-border.webp"
content-length
6016
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri,csam-hash
last-modified
Sun, 23 Oct 2022 21:56:48 GMT
server
cloudflare
etag
0x8DAB5417C366016
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
ee7499ec-401e-0063-01b8-1c5e15000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84ba2e753b112c6e-FRA
sdk.js
connect.facebook.net/pt_BR/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=de18e68a16bb64e8dafb60dcc8661f85
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
917b7dba3a4fb3b6721c99762213ef6c05e256bee74b7af434f998631e65ad92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.geradordefakenews.com/
Origin
https://www.geradordefakenews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 16:37:36 GMT
content-md5
ia/NCvGbg/G6SciVl4W36g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87044
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
jSiY7G3l67lEJbLRIPiffahWfQX91QI0iOPNXS9BPJBYNg0mbpRjlbLVKCACXoSH7/9+LZ1CPfOSni7T7015ew==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
fe2336f08c5f3a8b4808909b3737a156
cross-origin-opener-policy
same-origin-allow-popups
etag
"6de2f7544a8fc85798404a72e5b67d1d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 25 Jan 2025 16:25:37 GMT
collect
www.google-analytics.com/j/ 		2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=948155140&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geradordefakenews.com%2F&ul=en-us&de=UTF-8&dt=Gerador%20de%20Fake%20News%20%7C%20Crie%20sua%20pegadinha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1014825833&gjid=487986996&cid=768660864.1706287056&tid=UA-167879703-1&_gid=843066721.1706287056&_r=1&gtm=457e41o0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1178235795
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geradordefakenews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.geradordefakenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal.min.js
phicmune.net/pfe/current/ 		86 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/pfe/current/universal.min.js?v=3.1.478
Requested by
Host: phicmune.net
URL: https://phicmune.net/ntfc.php?p=4652689
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
48443b13bfbacb1410860e76dc3475718b9079dbc7249e80c911850bdbd416c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:36 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2024 14:26:35 GMT
server
nginx
etag
W/"65b3c11b-157b7"
content-type
application/javascript
access-control-allow-origin
https://www.geradordefakenews.com
cache-control
no-cache
access-control-allow-credentials
true
zone
phicmune.net/ 		913 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/zone?pub=0&zone_id=4652689&is_mobile=false&domain=www.geradordefakenews.com&var=&ymid=&var_3=&tg=0&sw=3.1.478&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: phicmune.net
URL: https://phicmune.net/ntfc.php?p=4652689
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
cff3e379e49157b60b5454b7eab900d65420a8c7092fcb7bbb8aeef1130ea027
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
667b03b752c2060be593ae3e7e351d58
date
Fri, 26 Jan 2024 16:37:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.geradordefakenews.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
913
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-167879703-1&cid=768660864.1706287056&jid=1014825833&gjid=487986996&_gid=843066721.1706287056&_u=YADAAUAAAAAAACAAI~&z=59258438
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geradordefakenews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 26 Jan 2024 16:37:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.geradordefakenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
17c0da55b4f8d3b7986f02c2fed6f2cc.js
scripts.cleverwebserver.com/ 		129 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/17c0da55b4f8d3b7986f02c2fed6f2cc.js
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b80676dc5827ff7b235398e8c20c37adb9e85db1ccf0bcf4073b1231059477d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:36 GMT
x-amz-version-id
9rxYIgb8jKBYYYQLImcggXTuNJ_KQg5V
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 23 Nov 2023 12:19:32 GMT
server
cloudflare
x-amz-request-id
D3AG3RYMMB1DSQDV
etag
W/"0fac2d3fec11a0f8331dce9ae6a0051a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
84ba2e760a731983-FRA
x-amz-id-2
RqIWAR3y9tVfd9TAwrpMYXekV/gP19t6hMcqH+lzYQCHXTR/EOsaWNHC1KmdTkf1zGjq4pybqsg=
expires
Fri, 26 Jan 2024 17:07:36 GMT
whitelogo.svg
storage.ko-fi.com/cdn/ 		2 KB
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.ko-fi.com/cdn/whitelogo.svg
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97e2486e279a2b5bf69bcff95f7cb25134574da875dbbcf9404467749b21253

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:36 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
NNxd8cik1auzYySPv5WiaQ==
age
4034
x-ms-lease-status
unlocked
last-modified
Mon, 24 Oct 2022 16:33:26 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1ee3cc30-201e-003c-27b0-0eaceb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
84ba2e75cba52c6e-FRA
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.geradordefakenews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:24 GMT
x-content-type-options
nosniff
age
234132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:35:24 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame A7E1 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.geradordefakenews.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://www.geradordefakenews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3971757
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Jan 2024 16:37:36 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6712)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-167879703-1&cid=768660864.1706287056&jid=1014825833&_u=YADAAUAAAAAAACAAI~&z=465686795
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-167879703-1&cid=768660864.1706287056&jid=1014825833&_u=YADAAUAAAAAAACAAI~&z=465686795
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
custom
phicmune.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.geradordefakenews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.geradordefakenews.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 26 Jan 2024 16:37:36 GMT
server
nginx
custom
phicmune.net/ 		39 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/custom
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geradordefakenews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
0653b6ab9b51d71ee721a1ff5b315db4
date
Fri, 26 Jan 2024 16:37:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.geradordefakenews.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/ 		65 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=0f95c2e33b8647049c61c124c175f16c&zoneId=4652689&checkDuplicate=true&ymid=&var=
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
182e20895beb4d7a1a191944929f87b15637f2fd5f44f237b3a53947e7753c02
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.geradordefakenews.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
defaultSkin.min.js
phicmune.net/pfe/current/ 		56 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/pfe/current/defaultSkin.min.js
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 16:37:36 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2024 14:26:35 GMT
server
nginx
etag
W/"65b3c11b-df63"
content-type
application/javascript
access-control-allow-origin
https://www.geradordefakenews.com
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ Frame 00A8 		255 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
phicmune.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.geradordefakenews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.geradordefakenews.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 26 Jan 2024 16:37:36 GMT
server
nginx
custom
phicmune.net/ 		39 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/custom
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geradordefakenews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
5097285937d2ea39a3db124ada3a5630
date
Fri, 26 Jan 2024 16:37:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.geradordefakenews.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
/
ui.cleverwebserver.com/ 		157 B
380 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b22ad1f45f0e83c84eaa9dbf7a0ae68a9c183648f81f24ab208ba8a1100a361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
84ba2e778c161983-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
call.cleverwebserver.com/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=54411&c=DE&r=&l=46&b=Chrome&os=Win10&mob=0&v=1.58.1&ref=aHR0cHM6Ly93d3cuZ2VyYWRvcmRlZmFrZW5ld3MuY29tLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:37:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84ba2e77dc721983-FRA
content-length
43
content-type
image/gif
settings
syndication.twitter.com/ Frame A7E1 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=df73e9b2676babf332f7eb178307f5955ba04a86
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.geradordefakenews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
103
date
Fri, 26 Jan 2024 16:37:38 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 26 Jan 2024 16:37:38 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
1516cf20d3783636
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
b4f9abb4028e51f91c97204416e598f1f1925ddd70eab923e70c522c6ff82133
content-length
337
share_button.php
www.facebook.com/v7.0/plugins/ Frame EC71 		43 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v7.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7b034c2d9634a516%26domain%3Dwww.geradordefakenews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.geradordefakenews.com%252Ffd6868f4e3a1562c3%26relation%3Dparent.parent&container_width=380&href=https%3A%2F%2Fwww.geradordefakenews.com%2F&layout=button_count&locale=pt_BR&sdk=joey&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=de18e68a16bb64e8dafb60dcc8661f85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
224372f8fb8375fdf8311814197820f5ba7f4a98d38967769496ceff7ebfb077
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geradordefakenews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 16:37:38 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=()
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
FB8oxs9bak6adp2e83MP4k/GiSt4WDU+r3itkSwvzeq91IUkf5vXyW3Lnl0jxedAgWxVHq4Uq0rmwF4/IzCG7A==
x-xss-protection
0
custom
phicmune.net/ 		39 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/custom
Requested by
Host: www.geradordefakenews.com
URL: https://www.geradordefakenews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geradordefakenews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
53678f3001ed740c7890a4be7355a5cb
date
Fri, 26 Jan 2024 16:37:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.geradordefakenews.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
custom
phicmune.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://phicmune.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.geradordefakenews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.geradordefakenews.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 26 Jan 2024 16:37:38 GMT
server
nginx
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 16:37:38 GMT
Content-Encoding
gzip
Age
3971765
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (frb/668D)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
platform.twitter.com/widgets/ Frame 620A 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
67624eca89cd5a8049792f76cf40796791bc957c95628825f5c3d83d1ad6c3bf

Request headers

Referer
https://www.geradordefakenews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3971424
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12714
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Jan 2024 16:37:38 GMT
Etag
"a9939cebd5fcfb5da02584a7718324d9+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.geradordefakenews.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22pt%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1706287058833%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=df73e9b2676babf332f7eb178307f5955ba04a86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.geradordefakenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
104
date
Fri, 26 Jan 2024 16:37:38 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 26 Jan 2024 16:37:38 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
9e3a9c1102045361
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
b4f9abb4028e51f91c97204416e598f1f1925ddd70eab923e70c522c6ff82133
content-length
43
A_VQKChstn1.js
static.xx.fbcdn.net/rsrc.php/v3iM-F4/yX/l/pt_BR/ Frame EC71 		528 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iM-F4/yX/l/pt_BR/A_VQKChstn1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v7.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7b034c2d9634a516%26domain%3Dwww.geradordefakenews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.geradordefakenews.com%252Ffd6868f4e3a1562c3%26relation%3Dparent.parent&container_width=380&href=https%3A%2F%2Fwww.geradordefakenews.com%2F&layout=button_count&locale=pt_BR&sdk=joey&size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f3cce1e0830fab0e0ce2791e88bc24d717b67aad1a5ef26ebc630ff82f81478b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 26 Jan 2024 16:37:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DIS/XZafEgu9wQgUYoEmsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
139463
x-fb-debug
eYWBP1pQ/68R8P1PVVNZvXki3iK1mcsqPmTFuQ2ahwV31hskXThXVXZORzsuusZjffslCtMFnAtdcrAHY/3TMw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 25 Jan 2025 03:26:29 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame EC71 		272 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v7.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7b034c2d9634a516%26domain%3Dwww.geradordefakenews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.geradordefakenews.com%252Ffd6868f4e3a1562c3%26relation%3Dparent.parent&container_width=380&href=https%3A%2F%2Fwww.geradordefakenews.com%2F&layout=button_count&locale=pt_BR&sdk=joey&size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 26 Jan 2024 16:37:38 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
reporting-endpoints
x-fb-debug
OVjOtXpAT6e19hNoAK49jlzOnnieWIWzmyFcyISismGE//xGnfDvKpMmR0AHLHpuM9uJMswxYKhz6O8YUXkiZA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 18 Jan 2025 02:29:26 GMT
truncated
/ Frame 620A 		471 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal function| _0x4f4e05 function| _0x28eb43 function| _0x303d24 function| _0x552f26 function| _0x24050a function| _0x52b019 object| imported function| _0x4c80 function| _0x2afee5 function| _0x3d59 function| atualizarTopo function| _0x2d6e62 function| atualizar function| inicializar function| gerar function| abrirFormContato function| readURL function| removeUpload function| _0x3336b2 function| _0x392612 function| _0x545296 function| $ function| jQuery function| atualizarLink function| copiarLink function| abrirmodal function| fecharmodal string| k object| _yfuxa4jeuma object| 2di3xwyip7q object| zfgformats function| setImmediate function| clearImmediate function| _uuskegyq function| _hcjmhhaf object| kofiwidget2 object| FB object| gaplugins object| gaData object| __twttrll object| twttr object| __twttr object| __buffer object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode function| html2canvas object| onClickExcludes object| CleverCore boolean| CleverCoreLoaded object| data number| haQtoTempo number| hora number| minuto number| dia string| mes string| strData object| nomes object| sobrenomes string| nomegerado

6 Cookies

Domain/Path Name / Value
.geradordefakenews.com/ Name: _ga_2QFH9Z28KW
Value: GS1.1.1706287055.1.0.1706287055.60.0.0
.geradordefakenews.com/ Name: _ga
Value: GA1.2.768660864.1706287056
.geradordefakenews.com/ Name: _gid
Value: GA1.2.843066721.1706287056
.geradordefakenews.com/ Name: _gat_gtag_UA_167879703_1
Value: 1
my.rtmark.net/ Name: ID
Value: 0f95c2e33b8647049c61c124c175f16c
www.geradordefakenews.com/ Name: clever-last-tracker-54411
Value: 0

3 Console Messages

Source Level URL
Text
security warning
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
call.cleverwebserver.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
my.rtmark.net
phicmune.net
platform.twitter.com
region1.analytics.google.com
scripts.cleverwebserver.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.ko-fi.com
syndication.twitter.com
ui.cleverwebserver.com
www.facebook.com
www.geradordefakenews.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.200
139.45.195.8
139.45.197.251
2001:4860:4802:32::36
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1d50
2606:4700:4400::ac40:919c
2606:4700::6811:180e
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:400c:c0c::9d
2a02:4780:13:1281:0:39c8:6433:2
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
109b319351e682be42616513c58cbed6f023235515e875fb80ef7dabc4d99d49
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
182e20895beb4d7a1a191944929f87b15637f2fd5f44f237b3a53947e7753c02
1b22ad1f45f0e83c84eaa9dbf7a0ae68a9c183648f81f24ab208ba8a1100a361
224372f8fb8375fdf8311814197820f5ba7f4a98d38967769496ceff7ebfb077
271189d7e683668f0251ae0af836888fb21dc6ef8caccfb0b2d6ecf100f225cd
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3b873dfa21ab70a40e6928888eb9abb76463d8edebc1f85bf8c5f795ca69e081
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834
46208366ebf4d2f55454cd14cf38fbea1d776cd4331edf46ae0be6450da7acaa
48443b13bfbacb1410860e76dc3475718b9079dbc7249e80c911850bdbd416c5
4ab787ba8fab7dceaaac4ba03f7b1e498dca7b18b42693217a49f3b1a1e09651
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
581fde8cae78d14b1370da608b40faead1ac015ffb2b777a84795f054283785c
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
67624eca89cd5a8049792f76cf40796791bc957c95628825f5c3d83d1ad6c3bf
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
83ef0e9bf00ac7014e3f83fdc9e9e5aec1760ab5495f086e95ea0b0f8f4467c3
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
917b7dba3a4fb3b6721c99762213ef6c05e256bee74b7af434f998631e65ad92
a125ab37275fe746604e8140ee6319c0ee56b4a7c3515ce837fa10264c73d866
a1d34b0ceaf5ff187d50d8bbba23e0f783afd118c999a3d9d2fb6668452155d4
a97e2486e279a2b5bf69bcff95f7cb25134574da875dbbcf9404467749b21253
a9d329434857a7315aad3daf6f473ccf7842d3c36076e2f6be7b8da51afe9103
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
b80676dc5827ff7b235398e8c20c37adb9e85db1ccf0bcf4073b1231059477d3
bc8cc7536bf94d03004fa21c405a2281878fb1296a61a9dfeb55cc27a53c6ca1
cff3e379e49157b60b5454b7eab900d65420a8c7092fcb7bbb8aeef1130ea027
d2ca6269b778e4c7f46030aa5f03342143deeb77c06bd632856a6fa5e2e8bf1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de91c27ad558aa3d85825d6c72cf89a6a18e68bad5d9978196bd3bd3b6df0121
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cce1e0830fab0e0ce2791e88bc24d717b67aad1a5ef26ebc630ff82f81478b
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881