cn.multiplicandodinheiro.com Open in urlscan Pro
203.159.80.211 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cn.multiplicandodinheiro.com/
Submission: On August 25 via automatic, source certstream-suspicious (August 25th 2024, 1:06:06 pm UTC) — Scanned from US

Summary HTTP 54 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 54 HTTP transactions. The main IP is 203.159.80.211, located in Sorocaba, Brazil and belongs to Gamers Club Ltda, BR. The main domain is cn.multiplicandodinheiro.com.
TLS certificate: Issued by R10 on August 25th 2024. Valid for: 3 months.

This is the only time cn.multiplicandodinheiro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	203.159.80.211 203.159.80.211	268624 (Gamers Cl...) (Gamers Club Ltda)
2	104.26.4.85 104.26.4.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.40.138 142.251.40.138	15169 (GOOGLE) (GOOGLE)
1	142.250.81.232 142.250.81.232	15169 (GOOGLE) (GOOGLE)
3	142.250.64.99 142.250.64.99	15169 (GOOGLE) (GOOGLE)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
2	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
11	142.250.64.110 142.250.64.110	15169 (GOOGLE) (GOOGLE)
2	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
1	142.250.69.3 142.250.69.3	15169 (GOOGLE) (GOOGLE)
2	165.232.128.151 165.232.128.151	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
54	14

23 203.159.80.211 (Sorocaba, Brazil)

ASN268624 (Gamers Club Ltda, BR)
PTR: br.jyn5040.com.br

cn.multiplicandodinheiro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.4.85 (None, )

ASN13335 (CLOUDFLARENET, US)

script.joinads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.138 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.64.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.64.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.69.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lcphxq-aa-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 165.232.128.151 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

pageview.joinads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	multiplicandodinheiro.com cn.multiplicandodinheiro.com	809 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662	76 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	74 KB
4	joinads.me script.joinads.me — Cisco Umbrella Rank: 315069 pageview.joinads.me — Cisco Umbrella Rank: 367912	10 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	26 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	149 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	70 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 353	32 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	90 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
54	11

	Domain	Requested by
23	cn.multiplicandodinheiro.com	cn.multiplicandodinheiro.com
11	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	pageview.joinads.me	script.joinads.me
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	cn.multiplicandodinheiro.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	script.joinads.me	cn.multiplicandodinheiro.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	www.googletagservices.com	script.joinads.me
1	www.googletagmanager.com	cn.multiplicandodinheiro.com
1	fonts.googleapis.com	cn.multiplicandodinheiro.com
54	13

This site contains links to these domains. Also see Links.

Domain
blossomthemes.com
wordpress.org

Subject Issuer	Validity	Valid
cn.multiplicandodinheiro.com R10	`2024-08-25` - `2024-11-23`	3 months	crt.sh
joinads.me WE1	`2024-06-30` - `2024-09-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
pageview.joinads.me R11	`2024-08-10` - `2024-11-08`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://cn.multiplicandodinheiro.com/
Frame ID: 570461D336FBCD219CEB835D06D227C7
Requests: 51 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 5AA373D6C7C7CF88F3D27E84E1F18B05
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Multiplicando Dinheiro

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

54
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

14
IPs

3
Countries

1341 kB
Transfer

3898 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://blossomthemes.com/
Title: Blossom Themes

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cn.multiplicandodinheiro.com/ 51 KB
12 KB 567ms
180ms Document
text/html 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) / PHP/7.4.33
Resource Hash: 2f90b54f3a72ba143c7662bd4ecbd482f308e5594d038b501380f108c2bac8f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 13:05:59 GMT
etag: "208-1724452433;br"
link: <https://cn.multiplicandodinheiro.com/wp-json/>; rel="https://api.w.org/"
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33

GET
H2 200 myad18865.js Show response
script.joinads.me/ 1 KB
1 KB 307ms
192ms Script
application/javascript 104.26.4.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/myad18865.js
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0763405ca2ce48e3074716012c11f97b04fd9220d20fe66904f7c299c9f18cca

Request headers

Referer: https://cn.multiplicandodinheiro.com/
Origin: https://cn.multiplicandodinheiro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 15 Aug 2024 14:01:03 GMT
server: cloudflare
etag: W/"66be0a1f-4a9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBR%2FapI5Vp8XRrO0pp8ExiD9PUTaV%2FIAQRoYHDGftESJjZDCOOv%2FYQXFmjHj5ls9P7XrkOijeXAIjMIz92pgf%2B%2FWz%2Baqp83YGatSn3oeFRVprDjKHnRxpR1eTicQYhXGqGGp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31104000
cf-ray: 8b8bcbfc6f342cb1-DFW
access-control-allow-headers: Content-Type, Authorization
expires: Wed, 20 Aug 2025 13:05:59 GMT

GET
H2 200 style.min.css
cn.multiplicandodinheiro.com/wp-includes/css/dist/block-library/ 110 KB
13 KB 214ms
206ms Stylesheet
text/css 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2024 04:20:06 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13654
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 styles.css
cn.multiplicandodinheiro.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
945 B 216ms
209ms Stylesheet
text/css 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.6
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:47:45 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 888
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 owl.carousel.min.css
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/css/ 3 KB
842 B 214ms
208ms Stylesheet
text/css 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/css/owl.carousel.min.css?ver=2.2.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: 8608c63311f463ed5cb19febda4aaedc756eba9516c345375e5a7e56ec67a46e

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:55 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 786
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 39 KB
2 KB 257ms
96ms Stylesheet
text/css 142.251.40.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMukta%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800%7CCormorant+Garamond%3Aregular

Requested by

Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.138 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f10.1e100.net

Software

ESF /

Resource Hash

d0b67005aa8a88321e631ce097c30b90763e77dec54161582f7d92f52e7f610b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 13:05:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 13:05:59 GMT

GET
H2 200 style.css
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/ 133 KB
18 KB 213ms
208ms Stylesheet
text/css 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/style.css?ver=6.6.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: cbb0585579472ab396551c63c2b2be671de99f7199f3a3363802efe0463c14c4

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:55 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18679
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 style.css
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pinit/ 12 KB
3 KB 344ms
340ms Stylesheet
text/css 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pinit/style.css?ver=1.0.5
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: 83ff06c238b9923efc34ae8f9a6597df28b3a17adf42b97866e20a0ffd6f9010

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:52 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2814
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 jquery.min.js Show response
cn.multiplicandodinheiro.com/wp-includes/js/jquery/ 86 KB
29 KB 345ms
342ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: br
last-modified: Tue, 29 Aug 2023 01:44:24 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29531
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 jquery-migrate.min.js Show response
cn.multiplicandodinheiro.com/wp-includes/js/jquery/ 13 KB
5 KB 401ms
397ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 14:19:24 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4671
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 multiplicando-dinheiro-high-resolution-logo-transparent-1.png
cn.multiplicandodinheiro.com/wp-content/uploads/2024/06/ 47 KB
47 KB 401ms
398ms Image
image/png 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cn.multiplicandodinheiro.com/wp-content/uploads/2024/06/multiplicando-dinheiro-high-resolution-logo-transparent-1.png
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: e92a6d1b5dc3bcbf55f5ffe8ea16fcbcb8a54d44b50e4d92972eb5a29b76fd7f

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
last-modified: Tue, 25 Jun 2024 13:23:57 GMT
server: TurboCloud (turbocloud.com.br)
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 47698
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 01cf9c4c-14a3-4fec-a0b0-4d32020f6c24-375x450.webp
cn.multiplicandodinheiro.com/wp-content/uploads/2024/06/ 45 KB
45 KB 400ms
397ms Image
image/webp 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cn.multiplicandodinheiro.com/wp-content/uploads/2024/06/01cf9c4c-14a3-4fec-a0b0-4d32020f6c24-375x450.webp
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: df085de45990a1590640e0b6fd1b2e4027e2a4376ca4d4e5b3651af14268063e

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
last-modified: Tue, 25 Jun 2024 18:07:36 GMT
server: TurboCloud (turbocloud.com.br)
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 45756
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 index.js Show response
cn.multiplicandodinheiro.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 466ms
464ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.6
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:05:59 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:47:45 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3211
expires: Sun, 01 Sep 2024 13:05:59 GMT

GET
H2 200 index.js Show response
cn.multiplicandodinheiro.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 176ms
176ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:47:45 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3912
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 owl.carousel.min.js Show response
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/ 42 KB
11 KB 174ms
172ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/owl.carousel.min.js?ver=2.0.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:55 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 10513
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 custom.js Show response
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pinit/js/ 1 KB
507 B 193ms
188ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pinit/js/custom.js?ver=1.0.5
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: c61ec74aecaf182dab6dfc17aeccc7be7424bc055bceaaf51bc808bba10c1679

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:52 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 462
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 all.min.js Show response
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/ 2 MB
591 KB 202ms
198ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/all.min.js?ver=6.1.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: c1b79a046062699d13f8f357fe188c26f595c3166016b3010efed03189a400d3

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:55 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 604324
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 v4-shims.min.js Show response
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/ 26 KB
7 KB 180ms
176ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/v4-shims.min.js?ver=6.1.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: 74110cf04c05b69b63f47ec3b5d7abb4fc7cefcf82a5bc8001c35eb501cc2d04

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:55 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7021
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 owlcarousel2-a11ylayer.min.js Show response
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/ 4 KB
1 KB 191ms
187ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: e3722052d34b931f3204a6ba64f98635ff9832ee9ad971ec881bd86b0f83c8ad

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:55 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1149
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 imagesloaded.min.js Show response
cn.multiplicandodinheiro.com/wp-includes/js/ 5 KB
2 KB 191ms
187ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 02:48:26 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1678
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 masonry.min.js Show response
cn.multiplicandodinheiro.com/wp-includes/js/ 24 KB
7 KB 193ms
189ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Sun, 14 Jun 2020 03:23:28 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7078
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 custom.min.js Show response
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/ 3 KB
1 KB 545ms
542ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/custom.min.js?ver=1.0.5
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: 52a1b9a9038920c951ea0d763443a7be4326d9203f447b194281fb933c15dbe7

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:55 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1096
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET
H3 200 modal-accessibility.min.js Show response
cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/ 6 KB
2 KB 200ms
197ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/themes/blossom-pin/js/modal-accessibility.min.js?ver=1.0.5
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: ce9c2f5e20727439285b83e64b2e18337dbacdbc7f6ca55609f4c6af366d577d

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 13:22:55 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1859
expires: Sun, 01 Sep 2024 13:06:00 GMT

GET d239d9bf-5a84-4260-9077-4d7359a08a4a
https://cn.multiplicandodinheiro.com/ Frame 0
0

GET
H2 200 core.2.2.js Show response
script.joinads.me/ 35 KB
8 KB 176ms
174ms Script
application/javascript 104.26.4.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/core.2.2.js
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b0de7350f1a238c643817bbd74691687318e5b65eb833e6332ebf646862a86d

Request headers

Referer: https://script.joinads.me/myad18865.js
Origin: https://cn.multiplicandodinheiro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Wed, 14 Aug 2024 12:25:22 GMT
server: cloudflare
etag: W/"66bca232-8a3f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJmtnjrTF8xnSRo34eVjq6flYqBcAkmzrOLUkfdbXGbf72hPTwAqojcX%2F%2FDfg1e%2BJHMdWE4FyuM7vH4iCazcxFXVcGloQMia3rk8Njx%2BwlZhKp1joFLAaL0xZR%2F4YEf4jwow"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31104000
cf-ray: 8b8bcbfda8262cb1-DFW
access-control-allow-headers: Content-Type, Authorization
expires: Wed, 20 Aug 2025 13:06:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 252 KB
90 KB 291ms
113ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMPVLRPM

Requested by

Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

16d9f1c107176e27febf0a68336824def96a7b6410a825834a65ad1cfa44868f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91457
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 13:06:00 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 263ms
108ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMukta%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800%7CCormorant+Garamond%3Aregular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cn.multiplicandodinheiro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 06:47:40 GMT
x-content-type-options: nosniff
age: 195500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 06:47:40 GMT

GET
H2 200 co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 20 KB
21 KB 228ms
73ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cn.multiplicandodinheiro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 07:03:03 GMT
x-content-type-options: nosniff
age: 194577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20648
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:18:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 07:03:03 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 102 KB
32 KB 328ms
142ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/core.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

0fb13079eef98fe00c80bd66035d8fcf2872de67cd484b18a49f96db75821b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32338
x-xss-protection: 0
server: cafe
etag: 143 / 19960 / m202408200101 / config-hash: 2814489205105287861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Aug 2024 13:06:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 143ms
68ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMPVLRPM

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 13:06:00 GMT
document-policy: force-load-at-top
x-fb-server-load: 63
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4293, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Tu5RlodKCb2RCpkmsboY1+ZtEzPLPTqaXuGPgngN/QvbTEtZA/IsUjRV6pNSQ5N61IuxiN6uO1Hn+A1dSaDfEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/ 478 KB
149 KB 207ms
68ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

ebab3ceb33eb45bd6eb4ae7e894f083a64cbbfb9f323766abdf30c340629de6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 10:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9532
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152188
x-xss-protection: 0
server: cafe
etag: 17432397005842241520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 25 Aug 2025 10:27:08 GMT

GET
H3 200 1969329470162641 Show response
connect.facebook.net/signals/config/ 62 KB
12 KB 149ms
148ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1969329470162641?v=2.9.165&r=stable&domain=cn.multiplicandodinheiro.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

7c7b500baa001a39ae2c10a2841f128aeb651a37d62ba1409300b779f0d4d59d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 13:06:00 GMT
document-policy: force-load-at-top
x-fb-server-load: 70
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=69, rtx=0, c=74, mss=1232, tbw=66869, tp=62, tpl=0, uplat=80, ullat=1
pragma: public
x-fb-debug: 35BEbXwTENabwU3KqGUtkX2VhJ56Sa3jKVZxJJHgDlwKD7+/bsGc9gtoKWVAL0N9B3IHnFpQBoncpAYcFlAM0A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 207ms
69ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1969329470162641&ev=PageView&dl=https%3A%2F%2Fcn.multiplicandodinheiro.com%2F&rl=&if=false&ts=1724591161011&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1724591161006.576778371667386852&ler=empty&cdl=API_unavailable&it=1724591160813&coo=false&tm=1&rqm=GET

Requested by

Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1380, tbw=2786, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 13:06:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 323ms
186ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1969329470162641&ev=PageView&dl=https%3A%2F%2Fcn.multiplicandodinheiro.com%2F&rl=&if=false&ts=1724591161011&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1724591161006.576778371667386852&ler=empty&cdl=API_unavailable&it=1724591160813&coo=false&tm=1&rqm=FGET

Requested by

Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 13:06:01 GMT
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407062637346700777", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1380, tbw=3104, tp=-1, tpl=-1, uplat=117, ullat=0
pragma: no-cache
x-fb-debug: 8CfNMCV0p/HGGv05OCeSw/4NQ6tiknJMCvDahce7CboXOjtAqboXBQYOo60FiEwQEAkCVtUpjNVXmh/XChIuDA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407062637346700777"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 22088551542 Show response
fundingchoicesmessages.google.com/i/ 202 KB
67 KB 266ms
115ms Script
application/javascript 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22088551542?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

37f1cbd16d3873841f19728fac8b3637d272f165be27a9bcfe54c6e593873464

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ovArrF2wmK3dDJ418YFWaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ovArrF2wmK3dDJ418YFWaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh2PnjTXb2ARmTHk7m1FJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDC0FLPwCS-wAAAB4w-eA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
cn.multiplicandodinheiro.com/wp-includes/js/ 18 KB
5 KB 174ms
172ms Script
application/javascript 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: cn.multiplicandodinheiro.com
URL: https://cn.multiplicandodinheiro.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:01 GMT
content-encoding: br
last-modified: Tue, 13 Feb 2024 23:06:08 GMT
server: TurboCloud (turbocloud.com.br)
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4619
expires: Sun, 01 Sep 2024 13:06:01 GMT

GET
H2 200 iJWHBXyXfDDVXbEyjmmd8WA.woff2
fonts.gstatic.com/s/mukta/v14/ 21 KB
21 KB 72ms
70ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mukta/v14/iJWHBXyXfDDVXbEyjmmd8WA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

43444952c2bb8f992179b174a74e1d4984a2af8dff25066f95ff93b8abaa223e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cn.multiplicandodinheiro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 09:41:46 GMT
x-content-type-options: nosniff
age: 185055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21276
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:57:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 09:41:46 GMT

GET
H2 200 AGSKWxWomlDVCGoNGvSTbZW653zsW7ouwb0ldfzVDIalD6Zyol2tZxjq3A4Kg0pcEbWrPJr-aUYCK_Xc7I2auQejjwNR_V-soVMD3tJbeCetAMR3EUKibjOw9cRklewti3_d6mmJyCBWWA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 110ms
109ms Script
application/javascript 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWomlDVCGoNGvSTbZW653zsW7ouwb0ldfzVDIalD6Zyol2tZxjq3A4Kg0pcEbWrPJr-aUYCK_Xc7I2auQejjwNR_V-soVMD3tJbeCetAMR3EUKibjOw9cRklewti3_d6mmJyCBWWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NTkxMTYxLDQ5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jbi5tdWx0aXBsaWNhbmRvZGluaGVpcm8uY29tLyIsbnVsbCxbWzgsIm5FZjhNckk4cXhRIl0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzIyLCJ0cnVlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.nEf8MrI8qxQ.es5.O/am=rGA/d=1/rs=AJlcJMxTQrgXGg_aot8evW1yAX3Z_mVnYw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

4f57ac4d0856d6a875e5240bdf31a451d7db52538dff5d83301cda2ec56fee29

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-sRb8ZSny1sRBoxqLeUhYcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-sRb8ZSny1sRBoxqLeUhYcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh2PnjTXb2AQaGhd0MylpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGFgYWuoZmMQXGAAA8CE98g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 5AA3 0
0 206ms
69ms Document
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29261
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 12:50:35 GMT
expires: Sun, 25 Aug 2024 13:40:35 GMT
last-modified: Mon, 19 Aug 2024 19:44:00 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 multiplicando-dinheiro-favicon-color-1-60x60.png
cn.multiplicandodinheiro.com/wp-content/uploads/2024/06/ 3 KB
3 KB 172ms
171ms Other
image/png 203.159.80.211
Gamers Club Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.multiplicandodinheiro.com/wp-content/uploads/2024/06/multiplicando-dinheiro-favicon-color-1-60x60.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 203.159.80.211 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR),
Reverse DNS: br.jyn5040.com.br
Software: TurboCloud (turbocloud.com.br) /
Resource Hash: de58f8ff5cb6cb738cc5c1896931c424508477815f1936d44c575cb43a3ebc4e

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:01 GMT
last-modified: Tue, 25 Jun 2024 13:24:30 GMT
server: TurboCloud (turbocloud.com.br)
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3083
expires: Sun, 01 Sep 2024 13:06:01 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 294ms
130ms Fetch
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s78-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 pencilad. Show response
fundingchoicesmessages.google.com/f/AGSKWxVrArnINf5W0o01h7yq0vYyrI0VRDrFJgdffXybI8QPPr5WFOo0NaDYrOwZRHJb7_U8w8cqYwYimBNXb9GkGsXlcUzbXHWY5KW2ApUsqMZomqFyQlqXbJXmtCOeCat9atx3j63NzUsog2rDhJ5XBj0RcKAnw... 54 B
109 B 121ms
115ms Script
application/javascript 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVrArnINf5W0o01h7yq0vYyrI0VRDrFJgdffXybI8QPPr5WFOo0NaDYrOwZRHJb7_U8w8cqYwYimBNXb9GkGsXlcUzbXHWY5KW2ApUsqMZomqFyQlqXbJXmtCOeCat9atx3j63NzUsog2rDhJ5XBj0RcKAnwlnD9UvHZni8vQPP0kajM_vj20VC62DC/_/adsdaqbox_/vpaidadrenderer./130x600-/pencilad.?adpage=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.nEf8MrI8qxQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwiNORm21cHcsUw0ERxtgDNzwwHHw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

409500261e477a1243614c0db337be6d1e80639e7ebe9adcebb19525c3f638fe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RcskRjZfrtO2EgJSU48eXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RcskRjZfrtO2EgJSU48eXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh2PXjTXb2AQ6tiztZlTSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwtNQzMIkvMAAA_f4-Ng"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 70 KB
26 KB 211ms
70ms Script
text/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

aa323d68f9116a8e26b414c05f39363e18d5aaadb03435f2b19e9e2f00e9b091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 12:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26101
x-xss-protection: 0
server: cafe
etag: 6785936172947820940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Aug 2024 13:29:19 GMT

POST
H3 204 AGSKWxXfEtRTXO_ElqMM8o7F1sTz4si4cSqtXQq8VIyNitoKMlB70bxK1KjlViMgh_zBGGDcm0AVceJhSKBsFPyDheCu7bzTSyGeRPqa-dxDiTzHI6MIira58ud3pY5rFQPdTnMJTHmDDg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 248ms
95ms XHR
text/html 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfEtRTXO_ElqMM8o7F1sTz4si4cSqtXQq8VIyNitoKMlB70bxK1KjlViMgh_zBGGDcm0AVceJhSKBsFPyDheCu7bzTSyGeRPqa-dxDiTzHI6MIira58ud3pY5rFQPdTnMJTHmDDg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DvX07Nnrn73Ra68iKKn49g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-DvX07Nnrn73Ra68iKKn49g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDh23VizjU1gRs-2U4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshIz8A8vsAAAFWBLg0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cn.multiplicandodinheiro.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfEtRTXO_ElqMM8o7F1sTz4si4cSqtXQq8VIyNitoKMlB70bxK1KjlViMgh_zBGGDcm0AVceJhSKBsFPyDheCu7bzTSyGeRPqa-dxDiTzHI6MIira58ud3pY5rFQPdTnMJTHmDDg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VyNkekzwsakCxCxql_rGNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VyNkekzwsakCxCxql_rGNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDh23VizjU1gRv-y84xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshIz8A8vsAAAFK_LgQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cn.multiplicandodinheiro.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfEtRTXO_ElqMM8o7F1sTz4si4cSqtXQq8VIyNitoKMlB70bxK1KjlViMgh_zBGGDcm0AVceJhSKBsFPyDheCu7bzTSyGeRPqa-dxDiTzHI6MIira58ud3pY5rFQPdTnMJTHmDDg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mc6BOTlmv_PU82E5pNRukw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mc6BOTlmv_PU82E5pNRukw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDh23VizjU1gwtTeP4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshIz8A8vsAAAGAaLig"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cn.multiplicandodinheiro.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfEtRTXO_ElqMM8o7F1sTz4si4cSqtXQq8VIyNitoKMlB70bxK1KjlViMgh_zBGGDcm0AVceJhSKBsFPyDheCu7bzTSyGeRPqa-dxDiTzHI6MIira58ud3pY5rFQPdTnMJTHmDDg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wHYbyqhVuBOy20_tpwjN0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-wHYbyqhVuBOy20_tpwjN0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDh23VizjU3gw7yVfxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGRnoF5fIEBAIGoLqI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cn.multiplicandodinheiro.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWts2XQClEfYrTD12-Yv3k_OKzl_BpKq6o1Or6Omuw3EN8Z-rG1XP4K-mKdbLgY5VpfizUEYZB48Jns1Np3TP1wD2RSDcDOP_z6TnnQgmGfzWfIWaoIi4p_WlBkk7N_FemtQQDtwA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 119ms
117ms Script
application/javascript 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWts2XQClEfYrTD12-Yv3k_OKzl_BpKq6o1Or6Omuw3EN8Z-rG1XP4K-mKdbLgY5VpfizUEYZB48Jns1Np3TP1wD2RSDcDOP_z6TnnQgmGfzWfIWaoIi4p_WlBkk7N_FemtQQDtwA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NTkxMTYyLDQ3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY24ubXVsdGlwbGljYW5kb2RpbmhlaXJvLmNvbS8iLG51bGwsW1s4LCJuRWY4TXJJOHF4USJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

1d1d16d3ef4328587732085793235ec2d6aedf4c717d6d1f8159a36d8918dd13

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pymgIln_Y-nfh6_rrh7fiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pymgIln_Y-nfh6_rrh7fiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmII1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh2PXjTXb2ARurNjSxqSkkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBhaKlnYBJfYAAAFAs-kg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 230ms
91ms Ping
image/gif 142.250.69.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m09l1tgq&ctx=0&met.9=1.19a~2.1kk
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.69.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcphxq-aa-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 13:06:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfEtRTXO_ElqMM8o7F1sTz4si4cSqtXQq8VIyNitoKMlB70bxK1KjlViMgh_zBGGDcm0AVceJhSKBsFPyDheCu7bzTSyGeRPqa-dxDiTzHI6MIira58ud3pY5rFQPdTnMJTHmDDg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8SlPZYISGmXoxjTO503zJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8SlPZYISGmXoxjTO503zJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDh23VizjU2gYe3GHUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshIz8A8vsAAAFUVLgc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cn.multiplicandodinheiro.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU0QQiX6YM1pDkyZxTKCx1ep4YK-pM7ggyTXEo5C-Ht0wtk37SLZecwo78tnFFZ180zk8ne1EAkrpktEvoFHqjekSdDUT4kLOoXDdB8YW_zc6sP0U1r0Vniav7RvMyEXS6u9UMlCQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 114ms
113ms Script
application/javascript 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU0QQiX6YM1pDkyZxTKCx1ep4YK-pM7ggyTXEo5C-Ht0wtk37SLZecwo78tnFFZ180zk8ne1EAkrpktEvoFHqjekSdDUT4kLOoXDdB8YW_zc6sP0U1r0Vniav7RvMyEXS6u9UMlCQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NTkxMTYyLDYwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxNV0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY24ubXVsdGlwbGljYW5kb2RpbmhlaXJvLmNvbS8iLG51bGwsW1s4LCJuRWY4TXJJOHF4USJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzIsIltudWxsLFtudWxsLDEsWzE3MjQ1OTExNjIsNTM5NjY1MDAwXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

b1d6187e1c50551d15dcdb5f38a8314804a1e204c455ce703deb65a911cd027f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UpNFBhAeLs6kEzDMX8bO9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UpNFBhAeLs6kEzDMX8bO9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh2PXjTXb2ARWrFh_kElJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDC0FLPwCS-wAAAEQY-kg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV9MGyb2zGQlejowd5yFCC5zDHvKg2va4yCJzxLMwkSHfDNPVTatBDY9ErCxXKo_cs0HOduiE9dmPm1raEDX5ciuaxb84KJf9BETBCCuXN31qIEIJzfS2yYbV175vjRcOOn7ZoPzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 93ms
92ms XHR
text/html 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9MGyb2zGQlejowd5yFCC5zDHvKg2va4yCJzxLMwkSHfDNPVTatBDY9ErCxXKo_cs0HOduiE9dmPm1raEDX5ciuaxb84KJf9BETBCCuXN31qIEIJzfS2yYbV175vjRcOOn7ZoPzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MjlCDJUjMqFkqfJDFxDWPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Aug 2024 13:06:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MjlCDJUjMqFkqfJDFxDWPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDh23VizjU3gxuqXH5mUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGRnoF5fIEBAJGRLtU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cn.multiplicandodinheiro.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK pages Show response
pageview.joinads.me/api/ 57 B
1 KB 82ms
80ms Fetch
application/json 165.232.128.151
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pageview.joinads.me/api/pages
Requested by: Host: script.joinads.me
URL: https://script.joinads.me/core.2.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 165.232.128.151 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 40aeb6f4ca429a883ffd8b6cd4111d63a1a9b56677451bc6b1d7d4eb7622c87c

Request headers

Referer: https://cn.multiplicandodinheiro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 25 Aug 2024 13:06:04 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PUT, POST, DELETE, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Authorization, Content-Type

OPTIONS
H/1.1 204
No Content pages
pageview.joinads.me/api/ Frame 0
0 244ms
76ms Preflight
text/html 165.232.128.151
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pageview.joinads.me/api/pages
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 165.232.128.151 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cn.multiplicandodinheiro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Aug 2024 13:06:04 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Access-Control-Request-Method, Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cn.multiplicandodinheiro.com
URL: blob:https://cn.multiplicandodinheiro.com/d239d9bf-5a84-4260-9077-4d7359a08a4a

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.multiplicandodinheiro.com/	1970-01-21 01:12:47	Name: _gcl_au Value: 1.1.365453763.1724591161
.multiplicandodinheiro.com/	1970-01-21 01:12:47	Name: _fbp Value: fb.1.1724591161006.576778371667386852
.multiplicandodinheiro.com/	1970-01-21 07:48:47	Name: FCNEC Value: %5B%5B%22AKsRol-o3HGWTcu1YjXWRrsxZI6o3haemZCbmQXqZARfzfJXgKKZspW1YeRyFr3MoBRDOYHDLjv9nbDMck3SB0U3gX7Ys2WPfyttHYk-6Gp6GuIUJaTDFLDn3JRv4buT0shoJzSBNqy7X-Th5IeD6vCcPP1QEs76vg%3D%3D%22%5D%2Cnull%2C%5B%5B2%2C%22%5Bnull%2C%5Bnull%2C1%2C%5B1724591162%2C539665000%5D%5D%5D%22%5D%5D%5D
cn.multiplicandodinheiro.com/	1970-01-20 23:03:11	Name: _idpg Value: 66cb2c3cb0c78e193700562f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cn.multiplicandodinheiro.com
connect.facebook.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
pageview.joinads.me
script.joinads.me
securepubads.g.doubleclick.net
www.facebook.com
www.googletagmanager.com
www.googletagservices.com
cn.multiplicandodinheiro.com
104.26.4.85
142.250.64.110
142.250.64.99
142.250.69.3
142.250.72.98
142.250.80.34
142.250.81.232
142.251.35.162
142.251.40.138
165.232.128.151
203.159.80.211
31.13.71.36
31.13.71.7
0763405ca2ce48e3074716012c11f97b04fd9220d20fe66904f7c299c9f18cca
0fb13079eef98fe00c80bd66035d8fcf2872de67cd484b18a49f96db75821b8d
16d9f1c107176e27febf0a68336824def96a7b6410a825834a65ad1cfa44868f
1d1d16d3ef4328587732085793235ec2d6aedf4c717d6d1f8159a36d8918dd13
2f90b54f3a72ba143c7662bd4ecbd482f308e5594d038b501380f108c2bac8f0
37f1cbd16d3873841f19728fac8b3637d272f165be27a9bcfe54c6e593873464
409500261e477a1243614c0db337be6d1e80639e7ebe9adcebb19525c3f638fe
40aeb6f4ca429a883ffd8b6cd4111d63a1a9b56677451bc6b1d7d4eb7622c87c
43444952c2bb8f992179b174a74e1d4984a2af8dff25066f95ff93b8abaa223e
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f57ac4d0856d6a875e5240bdf31a451d7db52538dff5d83301cda2ec56fee29
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52a1b9a9038920c951ea0d763443a7be4326d9203f447b194281fb933c15dbe7
74110cf04c05b69b63f47ec3b5d7abb4fc7cefcf82a5bc8001c35eb501cc2d04
7c7b500baa001a39ae2c10a2841f128aeb651a37d62ba1409300b779f0d4d59d
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
83ff06c238b9923efc34ae8f9a6597df28b3a17adf42b97866e20a0ffd6f9010
8608c63311f463ed5cb19febda4aaedc756eba9516c345375e5a7e56ec67a46e
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
9b0de7350f1a238c643817bbd74691687318e5b65eb833e6332ebf646862a86d
a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf
aa323d68f9116a8e26b414c05f39363e18d5aaadb03435f2b19e9e2f00e9b091
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1d6187e1c50551d15dcdb5f38a8314804a1e204c455ce703deb65a911cd027f
b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1b79a046062699d13f8f357fe188c26f595c3166016b3010efed03189a400d3
c61ec74aecaf182dab6dfc17aeccc7be7424bc055bceaaf51bc808bba10c1679
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb0585579472ab396551c63c2b2be671de99f7199f3a3363802efe0463c14c4
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
ce9c2f5e20727439285b83e64b2e18337dbacdbc7f6ca55609f4c6af366d577d
d0b67005aa8a88321e631ce097c30b90763e77dec54161582f7d92f52e7f610b
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
de58f8ff5cb6cb738cc5c1896931c424508477815f1936d44c575cb43a3ebc4e
df085de45990a1590640e0b6fd1b2e4027e2a4376ca4d4e5b3651af14268063e
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3722052d34b931f3204a6ba64f98635ff9832ee9ad971ec881bd86b0f83c8ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92a6d1b5dc3bcbf55f5ffe8ea16fcbcb8a54d44b50e4d92972eb5a29b76fd7f
ebab3ceb33eb45bd6eb4ae7e894f083a64cbbfb9f323766abdf30c340629de6d

cn.multiplicandodinheiro.com Open in urlscan Pro 203.159.80.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

14 IPs

3 Countries

1341 kBTransfer

3898 kBSize

4 Cookies

2 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cn.multiplicandodinheiro.com Open in urlscan Pro
203.159.80.211 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

14
IPs

3
Countries

1341 kB
Transfer

3898 kB
Size

4
Cookies

54 HTTP transactions
0 data transactions