www.istoedinheiro.com.br Open in urlscan Pro
34.149.44.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Submission: On April 04 via api (April 4th 2022, 3:51:58 pm UTC) from US — Scanned from DE

Summary HTTP 432 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 68 IPs in 8 countries across 53 domains to perform 432 HTTP transactions. The main IP is 34.149.44.99, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.istoedinheiro.com.br. The Cisco Umbrella rank of the primary domain is 191507.
TLS certificate: Issued by GTS CA 1D4 on March 6th 2022. Valid for: 3 months.

This is the only time www.istoedinheiro.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	34.149.44.99 34.149.44.99	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	192.95.31.56 192.95.31.56	16276 (OVH) (OVH)
26	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	54.205.191.18 54.205.191.18	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.1.252.251 52.1.252.251	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
10	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 7	99.86.7.129 99.86.7.129	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
94	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.66.123 65.9.66.123	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.7.26 99.86.7.26	16509 (AMAZON-02) (AMAZON-02)
1	23.35.229.151 23.35.229.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	108.157.4.15 108.157.4.15	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.121 18.66.248.121	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	34.192.67.210 34.192.67.210	14618 (AMAZON-AES) (AMAZON-AES)
3 6	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
51	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 3	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	23.35.229.86 23.35.229.86	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:ec00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 27	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 4	23.35.228.247 23.35.228.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	99.86.7.88 99.86.7.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.156.255.177 108.156.255.177	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	52.29.167.104 52.29.167.104	16509 (AMAZON-02) (AMAZON-02)
4 4	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2	16509 (AMAZON-02) (AMAZON-02)
11	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
8	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5 5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	52.215.248.120 52.215.248.120	16509 (AMAZON-02) (AMAZON-02)
1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	2600:1f18:612... 2600:1f18:612b:4264:cf98:6d7b:6943:bef0	14618 (AMAZON-AES) (AMAZON-AES)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 5	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3	18.194.56.109 18.194.56.109	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	96.16.141.156 96.16.141.156	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
432	68

35 34.149.44.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.44.149.34.bc.googleusercontent.com

www.istoedinheiro.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.95.31.56 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns510949.ip-192-95-31.net

api.grumft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.191.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-191-18.compute-1.amazonaws.com

nave.foone.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com

wfpscripts.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.86.7.129 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-129.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-26.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-121.dus51.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.67.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-67-210.compute-1.amazonaws.com

webservices.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:3175:5196:e3fd:8c1d (United States) 3 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:ec00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.228.247 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-88.fra6.r.cloudfront.net

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-177.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.167.104 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-167-104.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.191 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.248.120 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-248-120.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4264:cf98:6d7b:6943:bef0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.180.125 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.194.56.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-56-109.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.141.156 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.32 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
108	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1049 trc.taboola.com — Cisco Umbrella Rank: 645 15.taboola.com — Cisco Umbrella Rank: 1847 am-trc-events.taboola.com — Cisco Umbrella Rank: 15708 images.taboola.com — Cisco Umbrella Rank: 1551 vidstat.taboola.com — Cisco Umbrella Rank: 1883 imprammp.taboola.com — Cisco Umbrella Rank: 12007 am-match.taboola.com — Cisco Umbrella Rank: 12278 wf.taboola.com — Cisco Umbrella Rank: 2277 am-vid-events.taboola.com — Cisco Umbrella Rank: 11590 sync-t1.taboola.com — Cisco Umbrella Rank: 1267 sync.taboola.com — Cisco Umbrella Rank: 963 pips.taboola.com — Cisco Umbrella Rank: 1727 cds.taboola.com — Cisco Umbrella Rank: 1451	3 MB
79	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 125	591 KB
58	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 ad.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	370 KB
35	istoedinheiro.com.br www.istoedinheiro.com.br — Cisco Umbrella Rank: 191507	342 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 pix.eu.criteo.net — Cisco Umbrella Rank: 7880 csm.eu.criteo.net — Cisco Umbrella Rank: 7886	123 KB
13	rubiconproject.com 6 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 348 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1110 eus.rubiconproject.com — Cisco Umbrella Rank: 551 token.rubiconproject.com — Cisco Umbrella Rank: 669	24 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	267 KB
10	addthis.com 4 redirects s7.addthis.com — Cisco Umbrella Rank: 1506 m.addthis.com — Cisco Umbrella Rank: 1443 api-public.addthis.com — Cisco Umbrella Rank: 4100 e.dlx.addthis.com — Cisco Umbrella Rank: 1776	222 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	2 KB
7	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 132	5 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	245 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	129 KB
6	quantserve.com 3 redirects secure.quantserve.com — Cisco Umbrella Rank: 962 pixel.quantserve.com — Cisco Umbrella Rank: 418 cms.quantserve.com — Cisco Umbrella Rank: 1104	12 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3048 onesignal.com — Cisco Umbrella Rank: 1156 img.onesignal.com — Cisco Umbrella Rank: 6512	88 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	5 KB
5	spotxchange.com 4 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 515	3 KB
5	pubmatic.com 5 redirects image6.pubmatic.com — Cisco Umbrella Rank: 610	2 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8069 www.google.de — Cisco Umbrella Rank: 5640	2 KB
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 1485	542 B
4	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 599	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	4 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 285	660 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 326	793 B
3	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3318	547 B
3	agkn.com 3 redirects d.agkn.com — Cisco Umbrella Rank: 546	2 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14133 ads.eu.criteo.com — Cisco Umbrella Rank: 7887 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10021	47 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	3 KB
3	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 17828 cdn.firstimpression.io — Cisco Umbrella Rank: 17918	217 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 624 script.hotjar.com — Cisco Umbrella Rank: 958 vars.hotjar.com — Cisco Umbrella Rank: 1008	66 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
2	smartadserver.com 1 redirects www8.smartadserver.com — Cisco Umbrella Rank: 5280	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	902 B
2	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 1481	684 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	427 B
2	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3525	32 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	114 KB
2	webspectator.com wfpscripts.webspectator.com — Cisco Umbrella Rank: 121548 webservices.webspectator.com — Cisco Umbrella Rank: 103610	1 KB
2	foone.com.br nave.foone.com.br	22 KB
2	grumft.com api.grumft.com — Cisco Umbrella Rank: 292528	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 229	5 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 906	609 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3303	375 B
1	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 290	36 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 431	9 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	50 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 894	430 B
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1235	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	247 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1706	728 B
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 22234	2 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 374	1 KB
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 5643	6 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
432	53

	Domain	Requested by
51	tpc.googlesyndication.com	da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com www.istoedinheiro.com.br googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
35	www.istoedinheiro.com.br	www.istoedinheiro.com.br
32	trc.taboola.com	cdn.taboola.com www.istoedinheiro.com.br
27	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net www.istoedinheiro.com.br
26	pagead2.googlesyndication.com	www.istoedinheiro.com.br pagead2.googlesyndication.com da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
25	images.taboola.com	www.istoedinheiro.com.br
16	cdn.taboola.com	www.istoedinheiro.com.br cdn.taboola.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com www.istoedinheiro.com.br googleads.g.doubleclick.net www.googletagservices.com
10	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
9	fonts.gstatic.com	fonts.googleapis.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.istoedinheiro.com.br ecdn.firstimpression.io
8	static.criteo.net	ads.eu.criteo.com
7	pix.eu.criteo.net	ads.eu.criteo.com
7	sb.scorecardresearch.com	2 redirects www.istoedinheiro.com.br wfpscripts.webspectator.com
7	www.googletagservices.com	www.istoedinheiro.com.br da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	fonts.googleapis.com	www.istoedinheiro.com.br googleads.g.doubleclick.net
5	sync.search.spotxchange.com	4 redirects imprammp.taboola.com
5	imprammp.taboola.com	www.istoedinheiro.com.br vidstat.taboola.com
5	image6.pubmatic.com	5 redirects
5	15.taboola.com	cdn.taboola.com
5	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com
5	www.google.com	www.istoedinheiro.com.br da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	eus.rubiconproject.com	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
4	rtb.openx.net	googleads.g.doubleclick.net
4	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
4	e.dlx.addthis.com	4 redirects
4	cms.quantserve.com	3 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	s7.addthis.com	www.istoedinheiro.com.br s7.addthis.com
3	x.bidswitch.net	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
3	am-vid-events.taboola.com	www.istoedinheiro.com.br vidstat.taboola.com
3	am-trc-events.taboola.com	www.istoedinheiro.com.br
3	d.agkn.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	ad.doubleclick.net	1 redirects www.istoedinheiro.com.br
3	onesignal.com	cdn.onesignal.com
3	www.google-analytics.com	www.istoedinheiro.com.br www.google-analytics.com
2	www8.smartadserver.com	1 redirects
2	token.rubiconproject.com	eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	sync-t1.taboola.com	am-match.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.facebook.com	www.istoedinheiro.com.br
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	ecdn.firstimpression.io	www.istoedinheiro.com.br ecdn.firstimpression.io
2	stats.g.doubleclick.net	www.google-analytics.com
2	da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	www.istoedinheiro.com.br connect.facebook.net
2	cdn.onesignal.com	www.istoedinheiro.com.br cdn.onesignal.com
2	nave.foone.com.br	www.istoedinheiro.com.br nave.foone.com.br
2	api.grumft.com	www.istoedinheiro.com.br
1	img.onesignal.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	sync.taboola.com	am-match.taboola.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	api-public.addthis.com	s7.addthis.com
1	c.amazon-adsystem.com	ecdn.firstimpression.io
1	cdn.jsdelivr.net	ecdn.firstimpression.io
1	pixel.quantserve.com	www.istoedinheiro.com.br
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	s0.2mdn.net	da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
1	rules.quantcount.com	secure.quantserve.com
1	widgets.outbrain.com	www.istoedinheiro.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.de	www.istoedinheiro.com.br
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	secure.quantserve.com	wfpscripts.webspectator.com
1	webservices.webspectator.com	wfpscripts.webspectator.com
1	ecdn.analysis.fi	www.istoedinheiro.com.br
1	z.moatads.com	s7.addthis.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.istoedinheiro.com.br
1	cdn.speedcurve.com	www.istoedinheiro.com.br
1	wfpscripts.webspectator.com	www.istoedinheiro.com.br
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
432	94

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.editora3.com.br
istoe.com.br
www.dinheirorural.com.br
www.revistamenu.com.br
motorshow.com.br
www.revistaplaneta.com.br
www.select.art.br
gooutside.com.br
hardcore.uol.com.br
runnersworld.com.br
revistawh.com.br
hardcore.com.br
www.linkedin.com
lp.edpedia.com.br
revistamenu.com.br
ad.doubleclick.net
popup.taboola.com
trc.taboola.com
om.elvenar.com
marketing.net.brillen.de
om.forgeofempires.com
info.geers.de

Subject Issuer	Validity	Valid
cms.editora3.com.br GTS CA 1D4	`2022-03-06` - `2022-06-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
api.grumft.com R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
nave.foone.com.br R3	`2022-01-29` - `2022-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.webspectator.com Go Daddy Secure Certificate Authority - G2	`2021-07-09` - `2022-07-11`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-12` - `2022-11-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-04-11`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
analysis.fi Amazon	`2021-12-04` - `2023-01-01`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2021-11-21` - `2022-12-05`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Frame ID: FA5B67FD946738D83CB00425FA319556
Requests: 218 HTTP requests in this frame

Frame: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7A5E19285CE301D012B08EED969E7E18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: 14CA63BB9E093EC920B5E81C7010DABC
Requests: 1 HTTP requests in this frame

Frame: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A186D25DE2A3DD6C998A4E1EC4A5A2F8
Requests: 15 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: A4134C8D3007D0940EFC895CBB5EC779
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 590D5E5A9981FC35F81F7AFFF5F2AF8B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 778CD1B9B90BEC3AABC4C9DC6D709F54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&adk=1812271804&adf=3025194257&lmt=1649087510&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509706&bpp=3&bdt=565&idt=505&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b4da7b35deae1ff-2262634c6dcd0077%3AT%3D1649087508%3AS%3DALNI_MaZt5_quWYVPBLj-4J2jGFPQBINvA&nras=1&correlator=4328568371686&frm=20&pv=2&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=521
Frame ID: 1B5157BEE99608D25F99ABC99BC57BE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhiJ5I-_ATAB&v=APEucNVi4zArQok9MWAKkgHqtIi5v2CUv5ZwX0DZknEWBn8CiR13nf13-n7jJEkJlsho2YnctjC0k2Onxz5lnmbMZaKyftSz3VjXlYJF5pgicqtE54MBMVN3aWgvzCxJP2qTcB5uP3AvhFBt2c1ROGV0A2Ft1Q3yLQ9H9rchPytVVh0PakYSt68
Frame ID: 0073B83CF50E4F803E36A18C62FB4667
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: E9B36334046929E1B186B30A820F5958
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=4199536445&adf=946561708&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509709&bpp=2&bdt=568&idt=619&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Nr6cGydeN0&p=https%3A//www.istoedinheiro.com.br&dtd=632
Frame ID: ABBA760857A5B4A8255E6C44C4A39F53
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1592119126114388&output=html&h=200&slotname=1648434458&adk=1933033968&adf=3828634993&pi=t.ma~as.1648434458&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509711&bpp=1&bdt=570&idt=731&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=2&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=CGuyzHHzL1&p=https%3A//www.istoedinheiro.com.br&dtd=736
Frame ID: D7FE5FD33E7D6F9E233CF9B20BC62C8F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794
Frame ID: 0316BD335986D8B5273AB26E249D1AE1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837
Frame ID: E5FB62E68F6F25A8FC40827190F90EDE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890
Frame ID: F0A7BB5710495277477C23C4DA648275
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 21A9FF768708F45EA8DC8AD20F677460
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 70FABDC599CE7CFEC889F75CEDE5592B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63FCA4C323CEA61A62FF2C432531745B
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YksUFQAJ7vkAsxcCAAZWYuLx1VW9NQ3_UQUMUQ&u=%7CGjnHhBgZWfsbpdQAbHXJ6xTC4mN%2F3oRXiC0hYFtAU70%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8QZR6FdXOmBrvyVVpRhpfwse9jA8bZxuhvZnt5ReJqHhJ6uFWDhgGl-RiUD4XGs5LnZOf9APKAYmertOdVdypwLeDxB-J6Pt1w-UO6rQCsOnkYKQeC0L7msKGJ7lBzkR12why9Iz_iVymCeilAGtRBzN9-8eujaYrCsq3J_loW6Na8xF695Wvi4jmgBvkfIAV6Xshtdlp4dJuqvK1BvbC-7VR4X_XGp_8_yuKILvbODCFtXD9RR9LgH-MH-vFzbRliD7PDoturgcOzB1xQ2SEYSpsyi5T4_KpHDjKzZ7LjnIC9E3wTKrxh_8-X2TYGUqKp6ndRZplcYm9sfj4V9TxWjvpzBJEUpTWcbaB8SHZki2CpGpuorXmNQIzXAbr_C-bkSWwJAbswERfgU0rLy8u7sZua2A1lnVkA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4p6IFRRLYvndJ4KuzLUP4qyZ4AHJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTSgAdW20uoDyAEJqQIRY4ZOUXiyPqgDAaoEyAJP0CMwIvPW85KDfYbEQUkScJuIAW5aQANWAkZ4a0tIEBPX16g7x71mhaiw9sQDOZr5RSZwjpwuAth2xVLUV1kcmK5BodmbI9ti2QSZL_nlAOp0_wetbQiLlIvgWuvkc_T9LYJRxCw1dQ2aSe8MZC1-Mt9Q65uDwQactij9D6lBFluNo6jHiqcECFzsFFkwx7yiltiMAaio624xBMwl261OnYnNkyspFAaz0w2BOnHZW6eOy0KS9P9e5qAgV9ieq_EqsJogk-nFmt2ShCH8B1iblBJ6FMqOYTUvCgW7Xol_2YMNWgkmGaBYcdKJKFdSkJMCKrrxmwvRPGzxNjdA2RA45yTLpaWenWW9o4lL94OJ4mopXAEdGNsuI4UbPC1tbtfpbQTVq_4m2YFwZ23YH-jn99WXJgIMYDzTZGSklwEJvgpXffEVkP4XgAaLvozdwK6T2toBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Jbqi-_xqpwVn8_TYVYJ1rZPKW_w%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: D55A1C5C12D61EE348D67F2B23267D53
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 40FBE1BC2A223BF3B052D042D48C8031
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A142D54D68DF6EE52A009C8D9379C2B3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0A02EC417797376C7855247AE4111D04
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Frame ID: 2F75716759C04268FB42EEA44127669C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 831CCABF452C5F07CCEB34B805167508
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Frame ID: AD0FA396878728D1E9AEF97175C6FEE7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Frame ID: CE194DC32A5B97C18E8A205C0FFEA170
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Frame ID: AAE836A5FFA33911C8EC425CF73C4089
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=47A803F22301727701710271651&cicmp=1337627&cijs=1&dast=V7uaACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGrRbEAebGWWyGSx2k91sOVlOFsPlajZcwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7chBE2nw-e61-t-v7vSc_q7TE670eW0_O0av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BAMVhUJab63L6BwDAwwMIAIAARggAqxy5CAAAAMAIAAAAAAmAQGJhCYDD3aIJAEDAX70RHs8JAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDHkPmC8k5t75AVUQFpESMAAACAbKDLhKNJnVBZVP3___9bAVwBAAT81RvhJWXdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANKElV4q0IJj6YTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAACwPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNrfQAwGA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnIIIvdXDaaK1aLuXKVAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Frame ID: 8D03D6D80D877A7204F2A7BBE506D1CB
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=70F8621DD23984420423645471&cicmp=1337627&cijs=1&dast=V7xKcCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGjeYEWeTxYhE2SyHo9FiudlNBqPlaLhZwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7chBE2nw-e61-t-v7vSc_q7TE670eW0_O0av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BAMVhUJab63L6BwDAwwMIAIAARggAq9y5CAAAAMAIAAAAAAmAQGJhCYDD3aIJAEDAX70R3s8JAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDH0EOsh1unFSU3UQFzESMAAACAbKDLhKNJnVBZVP3___9bAVwBAAT81RvhdWXdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANKElV4q0IJj6YTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAICoPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNrfQAwGA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnIIIvdXDaaK1aLuXKVAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Frame ID: 4EF5757E1912E79D3BC3C31E9BCCD461
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=47A803F22301739181650934658&cicmp=1337627&cijs=1&dast=V7Ur0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGrRbEAebGWWyGSx2m-ViNxtNBsvRZjdcwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7chBE2nw-e61-t-v7vSc_q7TE670eW0_O0av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BAMVhUJab63L6BwDAwwMIAIAARggA65yYCAAAAMAIAAAAAAmAQGJhCYDD3aIJAEDAX73RHscJAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDH0KwtsWnbbWwAUQFpESMAAACAbKDLhKNJnVBZVP3___9bAVwBAAT81RvtvWTdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANKElV4q0IJj6YTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAACHPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNrfQAwGA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnIIIvdXDaaK1aLuXKVAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Frame ID: A32D60A0E615615BD88D560F17508BD7
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=8DDD9543A5259959941359327716&cicmp=1337627&cijs=1&dast=V75VICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDgikZir0WbBmqyWy9VyuVksJovZbLgZDJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbQhB0-nwue71ut_vrvSc_i6T0250OS1_u8bvtkssfzkAAAAAPAAQtURD7Pg2tEcAAAAASPCMXCtQBFT8WwhcAAAAAGAAEIiFawBAcRiU5ea6nP4BAPDwAAIAIIARAsA6xyECAAAAMAIAAABAAiCQWFgC4HC3aAIAEPBXb5TndgIAAHBQJ_O0zfL___8fA5D33iQDQJG2cWPQA_DgA_AgBAAA8DHEKSgEfK9LM0tUsFfECAAAACAb6DLhaFInVBZV_____1YAVwAAAX_1RnrUWTcnxaxhAAAAAGML9LD4_WaHXeN3u-z_________3-z_DABNaMmVIi0Ipn5YjWfkWmHtFxAAgO3dAADeBOBiDsAOAAAA4O7___8_DwAAYGOPku21Gs8eZb3PYAuf091dvwlbjFaTyWY5nC0Xk8FwNByN9jcQg8EAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RAPqs6l83l1PjLIYjeXjeaK1WKuXCUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
Frame ID: EFEDBCBA55D54ABF2ED12A835779F09C
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=undefined&cb=1649087512574&uv=3154&tms=1649087512574&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=70F8621DD239841061777935541&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D9A5E2A90E50DBDAC58C476F9A8111BA
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 74F34B89DFD3ADCC7A70461457417D6B
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: F3FF0CD85BA9A7F29424351131911848
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 63E371F80C5DCAB8CD4354EBE6AF9791
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 7DA176F05864FEB9018F1F6472EF6B23
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 610F19D403B7B17A3F1076118C148484
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6683B2E21A8324D58CA47E7B5D39A474
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hackers invadem Instagram de mulher de Moro e anunciam venda para 'ajudar prima' - ISTOÉ DINHEIROLINKEDINFacebookWhatsAppTwitterLinkedInEmailFacebookWhatsAppTwitterLinkedInEmailLINKEDINGroup 3Group 3Group 3Group 3

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

432
Requests

91 %
HTTPS

36 %
IPv6

53
Domains

94
Subdomains

68
IPs

8
Countries

6019 kB
Transfer

15170 kB
Size

56
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/revistaISTOE
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/RevistaISTOE
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.editora3.com.br/
Title: Editora 3

Search URL Search Domain Scan URL

URL: https://istoe.com.br/
Title: ISTOÉ

Search URL Search Domain Scan URL

URL: https://www.dinheirorural.com.br/
Title: Dinheiro Rural

Search URL Search Domain Scan URL

URL: https://www.revistamenu.com.br/
Title: Menu

Search URL Search Domain Scan URL

URL: https://motorshow.com.br/
Title: Motorshow

Search URL Search Domain Scan URL

URL: https://www.revistaplaneta.com.br/
Title: Planeta

Search URL Search Domain Scan URL

URL: https://www.select.art.br/
Title: Select

Search URL Search Domain Scan URL

URL: http://gooutside.com.br/
Title: Gooutside

Search URL Search Domain Scan URL

URL: http://hardcore.uol.com.br/
Title: Hardcore

Search URL Search Domain Scan URL

URL: http://runnersworld.com.br/
Title: Runner's World

Search URL Search Domain Scan URL

URL: http://revistawh.com.br/
Title: Women's Health

Search URL Search Domain Scan URL

URL: http://hardcore.com.br/
Title: Hardcore

Search URL Search Domain Scan URL

URL: https://istoe.com.br/anuncie/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://www.facebook.com/istoedinheiro

Search URL Search Domain Scan URL

URL: https://twitter.com/RevistaDinheiro

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1826976
Title: LINKEDIN Created with Sketch.

Search URL Search Domain Scan URL

URL: https://lp.edpedia.com.br/lp-investir-em-acoes/?tm_source=Isto%C3%A9+Dinheiro&utm_medium=NL&utm_campaign=Lucre+em+qualquer+cen%C3%A1rio
Title: + Bolsa americana, dólar e biticoin caem e bolsa brasileira sobe nos últimos meses. Especialista ensina a como se beneficiar desses movimentos. Inscreva-se agora!

Search URL Search Domain Scan URL

URL: https://motorshow.com.br/nova-montana-3a-geracao-da-picape-da-chevrolet-chega-em-2023-assista/?ielink
Title: + Nova Montana: 3ª geração da picape da Chevrolet chega em 2023

Search URL Search Domain Scan URL

URL: https://revistamenu.com.br/vendedores-do-mercadao-de-sp-ameacam-clientes-com-golpe-da-fruta/?ielink
Title: + Vendedores do Mercadão de SP ameaçam clientes com golpe da fruta

Search URL Search Domain Scan URL

URL: https://istoe.com.br/mae-e-atacada-nas-redes-sociais-ao-usar-roupa-justa-para-levar-filho-a-escola/?ielink
Title: + Vídeo: Mãe é atacada nas redes sociais ao usar roupa justa para levar filho à escola

Search URL Search Domain Scan URL

URL: https://istoe.com.br/coluna/virginia-gaia/?ielink
Title: + Horóscopo: confira a previsão de hoje para seu signo

Search URL Search Domain Scan URL

URL: https://www.revistaplaneta.com.br/o-que-se-sabe-sobre-a-flurona/?ielink
Title: + O que se sabe sobre a flurona?

Search URL Search Domain Scan URL

URL: https://revistamenu.com.br/2020/05/20/truque-para-espremer-limoes-vira-mania-nas-redes-sociais/?ielink
Title: + Truque para espremer limões vira mania nas redes sociais

Search URL Search Domain Scan URL

URL: https://www.revistaplaneta.com.br/ictiossauro-monstro-e-descoberto-na-colombia/?ielink
Title: + ‘Ictiossauro-monstro’ é descoberto na Colômbia

Search URL Search Domain Scan URL

URL: https://www.revistaplaneta.com.br/um-gemeo-se-tornou-vegano-o-outro-comeu-carne-confira-o-resultado/?ielink
Title: + Um gêmeo se tornou vegano, o outro comeu carne. Confira o resultado

Search URL Search Domain Scan URL

URL: https://motorshow.com.br/veja-quais-foram-os-carros-mais-roubados-em-sp-em-2021/?ielink
Title: + Veja quais foram os carros mais roubados em SP em 2021

Search URL Search Domain Scan URL

URL: https://www.revistaplaneta.com.br/expedicao-identifica-lula-gigante-responsavel-por-naufragio-de-navio-em-2011/?ielink
Title: + Expedição identifica lula gigante responsável por naufrágio de navio em 2011

Search URL Search Domain Scan URL

URL: https://www.revistamenu.com.br/2021/05/24/agencia-dos-eua-alerta-nunca-lave-carne-de-frango-crua/?ielink
Title: + Agência dos EUA alerta: nunca lave carne de frango crua

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_trk_aid=504147990;dc_trk_cid=155387237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUortvUw-mVqai7AQ#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUortvUw-mVqai7AQ
Title: BitdefenderAdvertisement

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editora3-istodinheiro&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/editora3-istodinheiro/log/3/click?pi=%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&ri=b6e072c737ee988216653781a30589e4&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&it=text&ii=~~V1~~-842706776506086399~~n-7a-DQ-7Ku6D8tWCFEZET7WB-jfqP8kwo5O3vuEuVDTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKm-8JNJqDvLk2Ql_TFxcIpf9zmZrK6g3UhJQ-hckyiPJ8Avj684aaQ_aW6OB0psUQHg-3Z89BSNZnXmH7zODlYlk3eEnsoo_Vf26iAu1wbiI6zhr_uog6GC70OqLAd6RE&pt=text&li=rbox-t2v&sig=6316f996d4805f384f3f6be2cdd9a54e53023e2c7113&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN256806.279382DBMBITDEFENDERRO5%2FB26229394.311454940%3Bdc_trk_aid%3D504147990%3Bdc_trk_cid%3D155387237%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Ftblci%3DGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUortvUw-mVqai7AQ%23tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUortvUw-mVqai7AQ&vi=1649087510430&p=bitdefenderdirect-sc&r=97&lti=deflated&ppb=CCA&cpb=EhIyMDIyMDQwNC0yLVJFTEVBU0UY3LTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxMjI4gK6Cyg1Am-MJSI6KEFDxtdkDWKjsEGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCYHBgYZGMI6yQQ6TcYHWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAH_yYnHAZABHA&cta=true
Title: Angebot hier

Search URL Search Domain Scan URL

URL: https://om.elvenar.com/ox/de/?ref=tab_de_dach&&external_param=3249402335&pid=editora3-istodinheiro&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb5cb62d0ea2a7d272880f989f1a9854e.jpeg&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCPyT8ouvHeibGH2I3DAQ#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCPyT8ouvHeibGH2I3DAQ
Title: Elvenar - Free Online Game

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editora3-istodinheiro&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/editora3-istodinheiro/log/3/click?pi=%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&ri=fa68e8c5cbeb5b09b412fb37fbb4e224&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&it=text&ii=~~V1~~3237030538255699684~~WJj5HFgLFzhtmqW7fCx9l0Njo_6QIZbOQGhElRdPTA09ZEj1nSOh25J82sTDXEn1oWs157JoiAAXIKi9-eLaKG3GM7Q_aWDX9O8A-oTuarjB3pAXD2426g4yuaugyXYaN63gxaKde9rsWPArupdiqhN80UyStTjX_pybrGSLBeA2-tsXvw7c5DjwHPvY1IDkDu3RgxboYC5HYFZnazy8WrConGA8XQo1rNKVnNirpZb6NWKWnk-ujweqBilkqL_beYQuY8J37CKMWTBo3zG-vcCWrmcdwkZyWIISdiXNNCLpE68wAJpFgoX3IttLHfyy&pt=text&li=rbox-t2v&sig=e2e4883e595262367d9401106897e9f3881f6d4f8dd2&redir=https%3A%2F%2Fom.elvenar.com%2Fox%2Fde%2F%3Fref%3Dtab_de_dach%26%26external_param%3D3249402335%26pid%3Deditora3-istodinheiro%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fb5cb62d0ea2a7d272880f989f1a9854e.jpeg%26tblci%3DGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCPyT8ouvHeibGH2I3DAQ%23tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCPyT8ouvHeibGH2I3DAQ&vi=1649087510430&p=elvinar-sc&r=45&lti=deflated&ppb=CJ4B&cpb=EhIyMDIyMDQwNC0yLVJFTEVBU0UY3LTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxMjI4gK6Cyg1Am-MJSI6KEFDxtdkDWKjsEGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCYHBgYZGMI6yQQ6TcYHWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAH_yYnHAZABHA&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://marketing.net.brillen.de/ts/i4861472/tsc?typ=r&amc=dis.brillende.44231.353452.CRTEtYUVEGb&smc5=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDhwD8o1u3u5_WjwOWNAQ&tst=!!TIMESTAMP!!&utm_source=taboola&utm_medium=referral&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDhwD8o1u3u5_WjwOWNAQ#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDhwD8o1u3u5_WjwOWNAQ
Title: brillen.de

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de&&external_param=3001760227&pid=editora3-istodinheiro&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F95feb8a1bac1de99d9e6c645b9725250.jpeg&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8o5J2Jp8i2vcapAQ#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8o5J2Jp8i2vcapAQ
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de_videonew&external_param=3178499641&pid=editora3-istodinheiro&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ff1915e48f459311820b4ac5b9f72ad3c.jpeg&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8o5euCgOnvmZDaAQ#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8o5euCgOnvmZDaAQ
Title: Forge Of EmpiresAdvertisement

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/editora3-istodinheiro/log/3/click?pi=%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&ri=560403bd640e02fb0be8d4d468d3327e&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&it=video&ii=~~V1~~1188429747140584872~~YWFn0sQnGd72YVDiqNPfQuMxnAGlMgkMrWQfyvIbJ-HTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RIl---_WsvsGiDa1de9OklCHcNEXCpgj1lwyr-co9hl2YCi289RNgKyMImm-4XLJPII6GYxQOubEUtrpeznumk0Hz8WQBaUohQ1Hi7hQ-kkESUuB7D8biG83b9aA78m-I0&pt=text&li=rbox-t2v&sig=f0e809a078c37d0456951a44dab8fa414255032ba7ef&redir=https%3A%2F%2Fom.forgeofempires.com%2Ffoe%2Fde%2F%3Fref%3Dtab_de_de_videonew%26external_param%3D3178499641%26pid%3Deditora3-istodinheiro%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Ff1915e48f459311820b4ac5b9f72ad3c.jpeg%26tblci%3DGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8o5euCgOnvmZDaAQ%23tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8o5euCgOnvmZDaAQ&vi=1649087510430&p=innogamesforgeofempiressc&r=56&lti=deflated&ppb=CJAB&cpb=EhIyMDIyMDQwNC0yLVJFTEVBU0UY3LTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxMjI4gK6Cyg1Am-MJSI6KEFDxtdkDWKjsEGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCYHBgYZGMI6yQQ6TcYHWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAH_yYnHAZABHA&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://info.geers.de/kostenlosprobieren/?utm_source=taboola&utm_medium=display&utm_campaign=KP_DE_GEE_ACQ_DIS_TAB_DES_STEM01_IMG_JAN5W&utm_content=3211150460&utm_term=editora3-istodinheiro&utm_title=Erfurt%3A+GEERS+sucht+700+Testh%C3%B6rer+vor+1972+geboren&tb_click_id=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCDkFIoxfv-3uCzy70z&_ad_placement=editora3-istodinheiro&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCDkFIoxfv-3uCzy70z#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCDkFIoxfv-3uCzy70z
Title: GEERS - Gutes Hören

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_trk_aid=504147990;dc_trk_cid=155387237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUo5OKBgKmPg98c#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUo5OKBgKmPg98c
Title: BitdefenderAdvertisement

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editora3-istodinheiro&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/editora3-istodinheiro/log/3/click?pi=%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&ri=ae6189b7df994b35939dc3b0b5244387&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&it=text&ii=~~V1~~-842706776506086399~~3lmVpfhOkumaTG3Fh8osRz7WB-jfqP8kwo5O3vuEuVDTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RIzBC8nr0z12hiSGPC9ejfhaBCWzHSy8PypKVz-7k7R4J8Avj684aaQ_aW6OB0psUQHg-3Z89BSNZnXmH7zODlYlk3eEnsoo_Vf26iAu1wbiI6zhr_uog6GC70OqLAd6RE&pt=text&li=rbox-t2v&sig=8e34b7963b7a907dc7fd229b9dcd1d84ea7d4bf44ed1&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN256806.279382DBMBITDEFENDERRO5%2FB26229394.311454940%3Bdc_trk_aid%3D504147990%3Bdc_trk_cid%3D155387237%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Ftblci%3DGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUo5OKBgKmPg98c%23tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUo5OKBgKmPg98c&vi=1649087510430&p=bitdefenderdirect-sc&r=22&lti=deflated&ppb=CO8E&cpb=EhIyMDIyMDQwNC0yLVJFTEVBU0UY3LTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxMjI4gK6Cyg1Am-MJSI6KEFDxtdkDWKjsEGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCYHBgYZGMI6yQQ6TcYHWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAH_yYnHAZABHA&cta=true
Title: Angebot hier

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de&&external_param=3001760227&pid=editora3-istodinheiro&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F95feb8a1bac1de99d9e6c645b9725250.jpeg&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8ovOmsjP3Ki7NT#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8ovOmsjP3Ki7NT
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://om.elvenar.com/ox/de/?ref=tab_de_dach&&external_param=3249402335&pid=editora3-istodinheiro&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb5cb62d0ea2a7d272880f989f1a9854e.jpeg&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCPyT8o9Zy-6r-_wZ88#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCPyT8o9Zy-6r-_wZ88
Title: Elvenar - Free Online Game

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editora3-istodinheiro&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/editora3-istodinheiro/log/3/click?pi=%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&ri=1ec6dc3261af23a72a8bd76e632afc2e&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&it=text&ii=~~V1~~3237030538255699684~~cPHrmQF_wQ6E2Rgp3MqBdENjo_6QIZbOQGhElRdPTA09ZEj1nSOh25J82sTDXEn1oWs157JoiAAXIKi9-eLaKG3GM7Q_aWDX9O8A-oTuarjB3pAXD2426g4yuaugyXYaN63gxaKde9rsWPArupdiqhN80UyStTjX_pybrGSLBeA2-tsXvw7c5DjwHPvY1IDk8IeiYZBlLjYz6nqTKrMs47ConGA8XQo1rNKVnNirpZb6NWKWnk-ujweqBilkqL_beYQuY8J37CKMWTBo3zG-vcCWrmcdwkZyWIISdiXNNCLpE68wAJpFgoX3IttLHfyy&pt=text&li=rbox-t2v&sig=278cabeb347762064dbc926fc647231068ff028360aa&redir=https%3A%2F%2Fom.elvenar.com%2Fox%2Fde%2F%3Fref%3Dtab_de_dach%26%26external_param%3D3249402335%26pid%3Deditora3-istodinheiro%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fb5cb62d0ea2a7d272880f989f1a9854e.jpeg%26tblci%3DGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCPyT8o9Zy-6r-_wZ88%23tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyCPyT8o9Zy-6r-_wZ88&vi=1649087510430&p=elvinar-sc&r=50&lti=deflated&ppb=COUF&cpb=EhIyMDIyMDQwNC0yLVJFTEVBU0UY3LTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxMjI4gK6Cyg1Am-MJSI6KEFDxtdkDWKjsEGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCYHBgYZGMI6yQQ6TcYHWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAH_yYnHAZABHA&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://marketing.net.brillen.de/ts/i4861472/tsc?typ=r&amc=dis.brillende.44231.353452.CRTEtYUVEGb&smc5=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDhwD8owqeZjIvV9qNW&tst=!!TIMESTAMP!!&utm_source=taboola&utm_medium=referral&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDhwD8owqeZjIvV9qNW#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDhwD8owqeZjIvV9qNW
Title: brillen.de

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_trk_aid=504147990;dc_trk_cid=155387237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUo9-DByaPa8oTYAQ#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDWvVUo9-DByaPa8oTYAQ
Title: BitdefenderAdvertisement

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editora3-istodinheiro&utm_medium=referral&utm_content=blend-next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de&&external_param=3001760227&pid=editora3-istodinheiro&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F95feb8a1bac1de99d9e6c645b9725250.jpeg&tblci=GiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8o69i1uc-S2L4o#tblciGiC8lnV3Fd9VYvq3lKqGyYqAPUL6CqRrypb9OH15loHYqyDJqD8o69i1uc-S2L4o
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://sb.scorecardresearch.com/cs/36204834/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 48

https://sb.scorecardresearch.com/b?c1=2&c2=36204834&cs_it=b2&cv=3.8.0.210223&ns__t=1649087509620&ns_c=UTF-8&c7=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&c8=Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%27ajudar%20prima%27%20-%20ISTO%C3%89%20DINHEIRO&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=36204834&cs_it=b2&cv=3.8.0.210223&ns__t=1649087509620&ns_c=UTF-8&c7=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&c8=Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%27ajudar%20prima%27%20-%20ISTO%C3%89%20DINHEIRO&c9=

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCFvUvcQFoYlkKtYGVCdhQ&google_cver=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YksUFZ5gaUOHZO5nt7rV.wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCFvUvcQFoYlkKtYGVCdhQ&google_cver=1&google_hm=2

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM1QQP71Y1dnsqSc0llMdVQ&google_cver=1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4NTQ1MjIzMDAyMzQxOTY5

Request Chain 236

https://d.agkn.com/pixel/2175/?google_gid=CAESEK6hSRGTlDjwhpx240F_bkI&google_cver=1&google_push=AYg5qPJgU6wzLItwdJJjSJSbvO2LS5GAd5Ac5q-LjXiK9N5iQrZcGmGhBIY0gJBajiHcObupaCbC-NeVh-3YB3_gA9Nq6pTM4g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJgU6wzLItwdJJjSJSbvO2LS5GAd5Ac5q-LjXiK9N5iQrZcGmGhBIY0gJBajiHcObupaCbC-NeVh-3YB3_gA9Nq6pTM4g&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ

Request Chain 237

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIzplwBfw03uhP4Cbc3a78EWaz-8X6rIh13-5E9Y0CYp46vhmvEUvklZu9KIja9kOqTKbEOJc_slhPvvlUuQQnz5vSr8oA&google_gid=CAESEG2zd_BW-2eMrHD-yazfEuI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIzplwBfw03uhP4Cbc3a78EWaz-8X6rIh13-5E9Y0CYp46vhmvEUvklZu9KIja9kOqTKbEOJc_slhPvvlUuQQnz5vSr8oA&google_gid=CAESEG2zd_BW-2eMrHD-yazfEuI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDQxNTUxNTAwMDA2MzE3NjM0NDEwNg%3D%3D&google_push=AYg5qPIzplwBfw03uhP4Cbc3a78EWaz-8X6rIh13-5E9Y0CYp46vhmvEUvklZu9KIja9kOqTKbEOJc_slhPvvlUuQQnz5vSr8oA

Request Chain 238

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMf15y77k_xSw6iteXIKpA&google_cver=1&google_push=AYg5qPL5kNi16iA_yuhKMvBpIajOJh4hn_9CoF6EJB-TABzHjV86w2ZMHVHcos62IxHz10wes7N9Q5SFiHWXvuDgpAfsHhLE6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJTlEtMU4tS1RNVQ==&google_push=AYg5qPL5kNi16iA_yuhKMvBpIajOJh4hn_9CoF6EJB-TABzHjV86w2ZMHVHcos62IxHz10wes7N9Q5SFiHWXvuDgpAfsHhLE6w

Request Chain 254

https://ad.doubleclick.net/ddm/trackimp/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_trk_aid=504147990;dc_trk_cid=155387237;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=istoedinheiro.com.br HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_pre=CIy0kNrh-vYCFcMAiwodMakDDA;dc_trk_aid=504147990;dc_trk_cid=155387237;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=istoedinheiro.com.br

Request Chain 286

https://d.agkn.com/pixel/2175/?google_gid=CAESEK6hSRGTlDjwhpx240F_bkI&google_cver=1&google_push=AYg5qPKgiCESWFFFV76hy1vWaazHjc9uTXSMbE40fS7MRYdL9scKpV_xFJp7t9Wb6RHTgx9AbUMa6bha_jiAytW8zOtpA02DVCU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKgiCESWFFFV76hy1vWaazHjc9uTXSMbE40fS7MRYdL9scKpV_xFJp7t9Wb6RHTgx9AbUMa6bha_jiAytW8zOtpA02DVCU&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ

Request Chain 287

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPImrkPL99swl501DDlWKnUDhSqJZlaUtp9WRXTfua-QLOhI8lSQdwb9zaSwIZQuDdqj61YHlU0-P9Y3WgYvxrPTRR233Q&google_gid=CAESEAB9CavVvxr46vCty6oOLck&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJaorJIGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJbXJrUEw5OXN3bDUwMUREbFdLblVEaFNxSlpsYVV0cDlXUlhUZnVhLVFMT2hJOGxTUWR3Yjl6YVN3SVpRdURkcWo2MVlIbFUwLVA5WTNXZ1l2eHJQVFJSMjMzUQ

Request Chain 288

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ-Tbh9z0C4daYVM8EdSMNpKPnrBzor_Ey2N5NJiWj-8ALYQyKrrBOV4k3QXVWQ3Lxp5LUXewOwKSnEaCFISFehuY_vdx4&google_gid=CAESEG2zd_BW-2eMrHD-yazfEuI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ-Tbh9z0C4daYVM8EdSMNpKPnrBzor_Ey2N5NJiWj-8ALYQyKrrBOV4k3QXVWQ3Lxp5LUXewOwKSnEaCFISFehuY_vdx4&google_gid=CAESEG2zd_BW-2eMrHD-yazfEuI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDQxNTUxNTAwMDAyMDQyNTI2OTI1MA%3D%3D&google_push=AYg5qPJ-Tbh9z0C4daYVM8EdSMNpKPnrBzor_Ey2N5NJiWj-8ALYQyKrrBOV4k3QXVWQ3Lxp5LUXewOwKSnEaCFISFehuY_vdx4

Request Chain 290

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY

Request Chain 291

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOt920i9uDzbT3kclLrCAQ4&google_cver=1&google_push=AYg5qPIddyN72hWKW4vDsVlkGDXqVLSO2ILl33ZcJCzEw6E7Bpxaf9v05IAqL5IZF80sMHeIevmMWZOk3vrfTCSAageKbGZ9zw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIddyN72hWKW4vDsVlkGDXqVLSO2ILl33ZcJCzEw6E7Bpxaf9v05IAqL5IZF80sMHeIevmMWZOk3vrfTCSAageKbGZ9zw&google_hm=eiSBDR0EQKOVIsj-O-9D3g

Request Chain 320

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWod8h-4CwkGncE9xDdRcc&google_cver=1&google_push=AYg5qPLUSKVISZFtNtwxR3NjFqDAoTd7KfYrc0twihGoup9-24qJ_GZJRH5tGyfkBC21xwvymZ2HWyAsbgHOAClxnJbS5HOQs-8 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLUSKVISZFtNtwxR3NjFqDAoTd7KfYrc0twihGoup9-24qJ_GZJRH5tGyfkBC21xwvymZ2HWyAsbgHOAClxnJbS5HOQs-8&google_hm=0Vkmtc-5eZlhs0TTkEHPQw

Request Chain 321

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJwTK4mulI7oMqh_eSFGi75UjHrWEax-OgA50282rt0M5lrvab_hUz21gOt8j4jsfEXof2ZJMb0PGoonj7GCzhDCiz9jw&google_gid=CAESEAB9CavVvxr46vCty6oOLck&google_cver=1 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcFlXRW1JNFVmbW9uZl9KOHQ4VXhqaWMwWUQ1V0hCSl83c3U5b25aakotYw==&google_push

Request Chain 323

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECsuJpaiZFj-HoJRQveQtnU&google_cver=1&google_push=AYg5qPKvPOyjIAJP6LX_4cv4JcJ_HXGSogmWv_hj2xZbFf9MwrD5jpR2ejVRzjkhcCGGEyKR49JadamxuXFTe241xXxXgh3pqiE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECsuJpaiZFj-HoJRQveQtnU&google_cver=1&google_push=AYg5qPKvPOyjIAJP6LX_4cv4JcJ_HXGSogmWv_hj2xZbFf9MwrD5jpR2ejVRzjkhcCGGEyKR49JadamxuXFTe241xXxXgh3pqiE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UCefx-qYQwyLBU96QEfvSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKvPOyjIAJP6LX_4cv4JcJ_HXGSogmWv_hj2xZbFf9MwrD5jpR2ejVRzjkhcCGGEyKR49JadamxuXFTe241xXxXgh3pqiE

Request Chain 324

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMf15y77k_xSw6iteXIKpA&google_cver=1&google_push=AYg5qPIWUJLBX_y997bd76oCpIrSrxS7u5GF2jZpJ9BoidvQ8dRqDM2JymwvNsWPhMImbpWSD6uD_oL24PEuSpLtqFOvQ9bOZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJVVYtMjQtMkJXNw==&google_push=AYg5qPIWUJLBX_y997bd76oCpIrSrxS7u5GF2jZpJ9BoidvQ8dRqDM2JymwvNsWPhMImbpWSD6uD_oL24PEuSpLtqFOvQ9bOZQ

Request Chain 325

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1

Request Chain 332

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWod8h-4CwkGncE9xDdRcc&google_cver=1&google_push=AYg5qPKPKc9PSe15aLqrmzl4CBR2bDSp7RLsMdq8_-0j6PvLBitZb3NassgB7RVX9WrIHVaagDNlNlfJKNsEaoOLKHf17rGPxw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKPKc9PSe15aLqrmzl4CBR2bDSp7RLsMdq8_-0j6PvLBitZb3NassgB7RVX9WrIHVaagDNlNlfJKNsEaoOLKHf17rGPxw&google_hm=0Vkmtc-5eZlhs0TTkEHPQw

Request Chain 333

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJGWqo4y2BCDI6Q9EWM4SocDwYxwC8qR6qL7TSloGCoL5kD4RqZ_v7L332pwK4Mh0Z682MdLqTwsk_qA1TCbWo6NbZyJmg&google_gid=CAESENOsdwT7nEMTE9X1dYS1_r0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtzVUZnQUFCUDlhMTNvYg&google_push=AYg5qPJGWqo4y2BCDI6Q9EWM4SocDwYxwC8qR6qL7TSloGCoL5kD4RqZ_v7L332pwK4Mh0Z682MdLqTwsk_qA1TCbWo6NbZyJmg

Request Chain 336

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECsuJpaiZFj-HoJRQveQtnU&google_cver=1&google_push=AYg5qPJ0gsdpadkBrcn-CSSo7oxic8KPkooELsebTvB_3zx_c_Ub3KpEUa7Ihoz25AdcESa51lRBaj-tAnqT0u27ZnhVLcZTTw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECsuJpaiZFj-HoJRQveQtnU&google_cver=1&google_push=AYg5qPJ0gsdpadkBrcn-CSSo7oxic8KPkooELsebTvB_3zx_c_Ub3KpEUa7Ihoz25AdcESa51lRBaj-tAnqT0u27ZnhVLcZTTw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eVXozFozTO-Bb8v8rlN4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ0gsdpadkBrcn-CSSo7oxic8KPkooELsebTvB_3zx_c_Ub3KpEUa7Ihoz25AdcESa51lRBaj-tAnqT0u27ZnhVLcZTTw

Request Chain 337

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMf15y77k_xSw6iteXIKpA&google_cver=1&google_push=AYg5qPJpq2reBSi2jv_96GjcUzZZUcKbvxTWJZu2ahuNBmRtkwTDoiL841anQs8Bpeam8C-qDjCS9rjIilqrKV6mjnffMVHFvl8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJWE4tMU8tM0pZNQ==&google_push=AYg5qPJpq2reBSi2jv_96GjcUzZZUcKbvxTWJZu2ahuNBmRtkwTDoiL841anQs8Bpeam8C-qDjCS9rjIilqrKV6mjnffMVHFvl8

Request Chain 338

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1

Request Chain 362

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWod8h-4CwkGncE9xDdRcc&google_cver=1&google_push=AYg5qPKuUgPBg8sPozSe0dd_ERy4Au0uAJDRjiFke-YM2N8KnFGl8YU9ECYHvT0YkiHo8_RZLbaVIVL5ghSuVXzMLoJoLpro1Ho HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKuUgPBg8sPozSe0dd_ERy4Au0uAJDRjiFke-YM2N8KnFGl8YU9ECYHvT0YkiHo8_RZLbaVIVL5ghSuVXzMLoJoLpro1Ho&google_hm=0Vkmtc-5eZlhs0TTkEHPQw

Request Chain 363

https://d.agkn.com/pixel/2175/?google_gid=CAESEK6hSRGTlDjwhpx240F_bkI&google_cver=1&google_push=AYg5qPITyGfoPdqRh-ER6BglOqL8yxtcZsjDzxOmBtdUffZ2Qw9Dk1cP0XFcAJeMsK5Co44VJ0PZQS57NvJuuYH8stJAK_4XI2I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPITyGfoPdqRh-ER6BglOqL8yxtcZsjDzxOmBtdUffZ2Qw9Dk1cP0XFcAJeMsK5Co44VJ0PZQS57NvJuuYH8stJAK_4XI2I&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ

Request Chain 366

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECsuJpaiZFj-HoJRQveQtnU&google_cver=1&google_push=AYg5qPJHDlB-tfZ7JExLmYqoVlOGPwpgXQ7_J1xx0XnF0VvBG-r7jMHOfOr2EvYjTRB6e3B84ejuNpCBqCebxKa7ZIoAT5Ass4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UCefx-qYQwyLBU96QEfvSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJHDlB-tfZ7JExLmYqoVlOGPwpgXQ7_J1xx0XnF0VvBG-r7jMHOfOr2EvYjTRB6e3B84ejuNpCBqCebxKa7ZIoAT5Ass4U

Request Chain 367

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMf15y77k_xSw6iteXIKpA&google_cver=1&google_push=AYg5qPJ5KtXckf1-pduNKO02LCrrpkuY7-9EoqlenkiyDc2nMCBzfQC_GZgOD5VXVeWUIR6B5VlI3aZK_1EaaDQxoSR6Ui1ZyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRKNlktMU4tTTlRVA==&google_push=AYg5qPJ5KtXckf1-pduNKO02LCrrpkuY7-9EoqlenkiyDc2nMCBzfQC_GZgOD5VXVeWUIR6B5VlI3aZK_1EaaDQxoSR6Ui1ZyA

Request Chain 368

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg

Request Chain 401

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=250ec2c5-b42f-11ec-a34b-1a404fd50506

Request Chain 405

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=250efd51-b42f-11ec-8ca0-13b80d860206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=250efd13-b42f-11ec-8ca0-13b80d860206&orig=video&us_privacy=1---gdpr=1&

Request Chain 407

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7ws43W5E2uFtyuEu8pW9ceRLZb8XtpyEcVJ_cfY-~A

Request Chain 418

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=250efd13-b42f-11ec-8ca0-13b80d860206&orig=video&us_privacy=1---gdpr=1&

Request Chain 420

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 422

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 442

https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649087515700&pgDomain=www.istoedinheiro.com.br&vpw=700&vph=393&gdpr=1&gdpr_consent=&schain=1.0,1!taboola.com,1135271,1,-1865687733,editora3-istodinheiro,istoedinheiro.com.br&us_privacy=1--- HTTP 302
https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649087515700&pgDomain=www.istoedinheiro.com.br&vpw=700&vph=393&gdpr=1&gdpr_consent=&schain=1.0%2C1!taboola.com%2C1135271%2C1%2C-1865687733%2Ceditora3-istodinheiro%2Cistoedinheiro.com.br&us_privacy=1---&cklb=1

432 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/ 98 KB
24 KB 718ms
471ms Document
text/html 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 / PHP/7.4.16
Resource Hash: 090d9ca4ccb235d89337757306fbf9411aeba65a5bd7c72bc8080d955ef0b15e

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 24101
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 15:51:47 GMT
link: <https://www.istoedinheiro.com.br/wp-json/>; rel="https://api.w.org/" <https://www.istoedinheiro.com.br/wp-json/wp/v2/posts/2691816>; rel="alternate"; type="application/json" <https://www.istoedinheiro.com.br/?p=2691816>; rel=shortlink
server: nginx/1.20.2
vary: Accept-Encoding
via: 1.1 google
x-powered-by: PHP/7.4.16

GET
H2 200 main.css
www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/css/ 549 KB
70 KB 11ms
8ms Stylesheet
text/css 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/css/main.css?ver=9.0.3
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: e58d6d065aba91b5dcc9a98dfcf0bd3d4c2742df9e1d0ad5b3244a9f8df25f63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:18:23 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 02:00:45 GMT
server: nginx/1.20.2
age: 9205
etag: W/"60ee454d-89457"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71584
via: 1.1 google
expires: Tue, 04 Apr 2023 13:18:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
605 B 45ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300italic,300,400italic,700,700italic,900,900italic

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

441e0467656e99238bd0547e5bdaac626664183d1f53903117e83dbfb2a45a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:51:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:51:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:51:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 44ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:21:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:51:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:51:48 GMT

GET
H2 200 style.min.css
www.istoedinheiro.com.br/wp-includes/css/dist/block-library/ 57 KB
11 KB 21ms
19ms Stylesheet
text/css 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:18:23 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 03:51:47 GMT
server: nginx/1.20.2
age: 9205
etag: W/"6077b853-e33b"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10961
via: 1.1 google
expires: Tue, 04 Apr 2023 13:18:23 GMT

GET
H2 200 blocks.style.build.css
www.istoedinheiro.com.br/wp-content/plugins/embedpress/Gutenberg/dist/ 518 B
641 B 23ms
21ms Stylesheet
text/css 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1626202506
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 6d2c88d7b8364da624551c4b898778538b8020b501bd56717773d7a1d18f6d1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 20:44:12 GMT
via: 1.1 google
last-modified: Tue, 13 Jul 2021 18:55:06 GMT
server: nginx/1.20.2
age: 68856
etag: "60ede18a-206"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 518
expires: Mon, 03 Apr 2023 20:44:12 GMT

GET
H2 200 embedpress.css
www.istoedinheiro.com.br/wp-content/plugins/embedpress/assets/css/ 3 KB
3 KB 22ms
20ms Stylesheet
text/css 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/plugins/embedpress/assets/css/embedpress.css?ver=5.7.2
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 6cb35f7588c16390c3693092c2bb50a0b8f78f85462220811f6197df99a02341

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 12:53:21 GMT
via: 1.1 google
last-modified: Tue, 13 Jul 2021 18:55:07 GMT
server: nginx/1.20.2
age: 10707
etag: "60ede18b-aa8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2728
expires: Tue, 04 Apr 2023 12:53:21 GMT

GET
H2 200 main.css
www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/css/ 549 KB
70 KB 18ms
16ms Stylesheet
text/css 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/css/main.css?ver=5.7.2
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: e58d6d065aba91b5dcc9a98dfcf0bd3d4c2742df9e1d0ad5b3244a9f8df25f63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:26:48 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 02:00:45 GMT
server: nginx/1.20.2
age: 41100
etag: W/"60ee454d-89457"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71584
via: 1.1 google
expires: Tue, 04 Apr 2023 04:26:48 GMT

GET
H2 200 stylev2.css
www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/ 18 KB
4 KB 24ms
22ms Stylesheet
text/css 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/stylev2.css?v=2.4&ver=x1.2.5
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: bd8ef978874f98a40580450028661a8f8702d0ff278963908ecaa5f159dd9622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 20:47:31 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 21:09:14 GMT
server: nginx/1.20.2
age: 68657
etag: W/"6227c5fa-4836"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4269
via: 1.1 google
expires: Mon, 03 Apr 2023 20:47:31 GMT

GET
H2 200 jquery.min.js Show response
www.istoedinheiro.com.br/wp-includes/js/jquery/ 87 KB
35 KB 25ms
23ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:18:23 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 10:04:37 GMT
server: nginx/1.20.2
age: 9205
etag: W/"606ed535-15d98"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36073
via: 1.1 google
expires: Tue, 04 Apr 2023 13:18:23 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.istoedinheiro.com.br/wp-includes/js/jquery/ 11 KB
5 KB 26ms
24ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:26:48 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 10:04:37 GMT
server: nginx/1.20.2
age: 41100
etag: W/"606ed535-2bd8"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4565
via: 1.1 google
expires: Tue, 04 Apr 2023 04:26:48 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/js/client/ 10 KB
4 KB 25ms
24ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/js/client/theia-sticky-sidebar.js?ver=1.0.0
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 82511ed160733023004690d3b634d2c2fec8989f057357703bb48a60093637d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:18:23 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 02:00:47 GMT
server: nginx/1.20.2
age: 9205
etag: W/"60ee454f-29c3"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3608
via: 1.1 google
expires: Tue, 04 Apr 2023 13:18:23 GMT

GET
H2 200 pdfobject.min.js Show response
www.istoedinheiro.com.br/wp-content/plugins/embedpress/assets/js/ 5 KB
2 KB 26ms
25ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=2.7.6
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: e2aa0c7854e40d3c98add7b233c695057fc70b36f05bd41e23a9f00275061bd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 03:08:30 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 18:55:06 GMT
server: nginx/1.20.2
age: 45798
etag: W/"60ede18a-1357"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2004
via: 1.1 google
expires: Tue, 04 Apr 2023 03:08:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c2cd57fc33e43d8a3b951095eee1988fbe9ade5603046cff11a378f7460d85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28304
x-xss-protection: 0
server: sffe
etag: "1177 / 757 of 1000 / last-modified: 1649070439"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Apr 2022 15:51:48 GMT

GET
H2 200 24336_INTER_1.js Show response
api.grumft.com/inter/24336/ 2 KB
1 KB 308ms
95ms Script
application/javascript 192.95.31.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.grumft.com/inter/24336/24336_INTER_1.js
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.31.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns510949.ip-192-95-31.net
Software: nginx /
Resource Hash: 40e7e6169c21fb0209d88962adb314cb48e55d77dad4490d69394865e379bcf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
last-modified: Thu, 27 Aug 2020 15:58:29 GMT
server: nginx
etag: W/"5f47d825-892"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
expires: Wed, 04 May 2022 15:51:48 GMT

GET
H3 200 assinantes-147x196.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 13 KB
13 KB 27ms
8ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/assinantes-147x196.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: acfb9048c8ab5dbc820a24b8140dba60cc224feda9c08cb1f95f1b0d8087b53e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 12:25:54 GMT
via: 1.1 google
last-modified: Thu, 31 Mar 2022 18:57:19 GMT
server: nginx/1.20.2
age: 12354
etag: "6245f98f-3321"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13089
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-dinheiro-1280-v20.svg
www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/svg/ 8 KB
3 KB 28ms
9ms Image
image/svg+xml 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/svg/logo-dinheiro-1280-v20.svg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: bc836f8f65981677bee87dd91f1eaa28be0b1bfe9c97e391e380456f8050d13b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 21:17:45 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 15:08:48 GMT
server: nginx/1.20.2
age: 66843
etag: W/"61f40700-1f6a"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3292
via: 1.1 google
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 busca.svg
www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/svg/ 1 KB
1 KB 29ms
10ms Image
image/svg+xml 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/svg/busca.svg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 88bcdb616584496c912491508115d321e4b5fc1a5b73fc028adb5ad9c5d9299a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 21:17:45 GMT
via: 1.1 google
last-modified: Wed, 14 Jul 2021 02:00:49 GMT
server: nginx/1.20.2
age: 66843
etag: "60ee4551-5c3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1475
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-dinheiro-mob-v20.svg
www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/svg/ 8 KB
3 KB 28ms
10ms Image
image/svg+xml 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/svg/logo-dinheiro-mob-v20.svg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: d57d2c3c3571a5eacb4df5e9d2292fb9bee14873b2387bd11e7d9b11d2f0df89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 21:17:45 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 15:08:48 GMT
server: nginx/1.20.2
age: 66843
etag: W/"61f40700-1f6d"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3274
via: 1.1 google
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 74ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4663753467999594

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cdfb673acd5fb8c2b4d7e9f2f128ec08d6b43ea824103e3f31e23625980ee5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.istoedinheiro.com.br/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54155
x-xss-protection: 0
server: cafe
etag: 14095401224259435315
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 15:51:48 GMT

GET
H2 200 53678527e41895cf106895d0b3cc7614.js Show response
api.grumft.com/js/ 898 B
655 B 236ms
97ms Script
application/javascript 192.95.31.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.grumft.com/js/53678527e41895cf106895d0b3cc7614.js
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.31.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns510949.ip-192-95-31.net
Software: nginx /
Resource Hash: 81a6ad3945697de59e54042b4103890a4243cba1d04b17e55bf8804c9ca329f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 17:29:01 GMT
server: nginx
etag: W/"61155a5d-382"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
expires: Wed, 04 May 2022 15:51:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 84ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1592119126114388

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9389cc68a3faba34447c2b2ac49d9fa18c42f484e98c9b243e56d22aa78664b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.istoedinheiro.com.br/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54131
x-xss-protection: 0
server: cafe
etag: 4868457503652504775
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 15:51:48 GMT

GET
H/1.1 200
OK eef0ff46-01e5-11ec-acda-53613212d6c6 Show response
nave.foone.com.br/client/ 6 KB
7 KB 341ms
97ms Script
text/plain 54.205.191.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nave.foone.com.br/client/eef0ff46-01e5-11ec-acda-53613212d6c6
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.205.191.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-18.compute-1.amazonaws.com
Software: /
Resource Hash: 5d0f3e571238268e935dcc48a08ea56445b13db9f91ec7733b92d36287b15141

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:48 GMT
surrogate-control: no-store
content-type: text/plain
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
keep-alive: timeout=5
content-length: 6460
expires: 0

GET
H3 200 editora-3.svg
www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/svg/ 12 KB
12 KB 23ms
9ms Image
image/svg+xml 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/svg/editora-3.svg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 5f7497b857fe22b466f5f015063fe59cf28a7b9aa8ab6c5427d01b15c93d9382

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 21:17:45 GMT
via: 1.1 google
last-modified: Wed, 14 Jul 2021 02:00:47 GMT
server: nginx/1.20.2
age: 66843
etag: "60ee454f-31dc"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12764
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 all.js Show response
www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/js/build/ 59 KB
20 KB 21ms
21ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/js/build/all.js?ver=9.0.3
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: d58fe9f071b6e66f2ff69371f76ac7a3733724bc34ba728369e6e114746ab081

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:17:49 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 02:00:47 GMT
server: nginx/1.20.2
age: 9239
etag: W/"60ee454f-ea99"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20264
via: 1.1 google
expires: Tue, 04 Apr 2023 13:17:49 GMT

GET
H3 200 comment-reply.min.js Show response
www.istoedinheiro.com.br/wp-includes/js/ 3 KB
1 KB 21ms
21ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-includes/js/comment-reply.min.js?ver=5.7.2
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:17:49 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 03:51:47 GMT
server: nginx/1.20.2
age: 9239
etag: W/"6077b853-ba8"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1390
via: 1.1 google
expires: Tue, 04 Apr 2023 13:17:49 GMT

GET
H3 200 front.js Show response
www.istoedinheiro.com.br/wp-content/plugins/embedpress/assets/js/ 642 B
663 B 20ms
18ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/plugins/embedpress/assets/js/front.js?ver=2.7.6
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 3e0883088748759001d4eb553095b01f86bc875d6eb1db1d244efe21596518b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 20:49:07 GMT
via: 1.1 google
last-modified: Tue, 13 Jul 2021 18:55:06 GMT
server: nginx/1.20.2
age: 68561
etag: "60ede18a-282"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 642
expires: Mon, 03 Apr 2023 20:49:07 GMT

GET
H3 200 main.js Show response
www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/js/ 1 KB
1 KB 21ms
15ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/js/main.js
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: c11e106a5e58ce060b11ae2ec07c20c452089aa0ae693d50fddd389c739657b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:17:49 GMT
via: 1.1 google
last-modified: Wed, 14 Jul 2021 02:00:49 GMT
server: nginx/1.20.2
age: 9239
etag: "60ee4551-4aa"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1194
expires: Tue, 04 Apr 2023 13:17:49 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 72ms
22ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.2
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2259
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6f6b35205e9801e3-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 07 Apr 2022 15:51:48 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 67ms
13ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 04 Apr 2022 15:51:48 GMT
x-host: s7.addthis.com
content-length: 116421

GET
H2 200 ws-LARMX9YH.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
934 B 311ms
92ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-LARMX9YH.js
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4902e2c5bccb527d68db3658489658ce9aa731e76e54269a91efb2856db12854

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
last-modified: Fri, 29 Mar 2019 13:57:24 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"351eab1880a7af41ee0dba5ddca24258"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 18 KB
6 KB 47ms
7ms Script
application/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=4156354880
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: a5fd82daf97e4f74d94c92d2e8556e73c891c480401bbb1ce29d5b02b381c9b2

Request headers

Referer: https://www.istoedinheiro.com.br/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
via: 1.1 vegur, 1.1 varnish
age: 913
x-cache: HIT
x-cache-hits: 5
content-encoding: gzip
content-length: 6351
x-served-by: cache-hhn4027-HHN
last-modified: Mon, 04 Apr 2022 15:36:35 GMT
server: Apache
x-timer: S1649087509.519825,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 15:36:35 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.istoedinheiro.com.br/wp-includes/js/ 14 KB
5 KB 23ms
11ms Script
application/javascript 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:17:49 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 10:04:36 GMT
server: nginx/1.20.2
age: 9239
etag: W/"606ed534-3795"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5269
via: 1.1 google
expires: Tue, 04 Apr 2023 13:17:49 GMT

GET
H2 200 pubads_impl_2022032909.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
126 KB 39ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

11992f506398f0ce551a82f7591c0448de7de4b0a84a1fdef72131fd756710ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 04 Apr 2022 11:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128011
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 19:35:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:07:50 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 233 B
771 B 52ms
21ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.istoedinheiro.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1d31326f7496dae795cedf9b5a790258d01f9255a75e854d9b29c71dc91fe4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134
x-xss-protection: 0
expires: Mon, 04 Apr 2022 15:51:48 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/36204834/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

10ms
10ms

Script
application/javascript

99.86.7.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Server: 99.86.7.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:35:42 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 967
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: xGIpU7cZHTaOasheWp-Kw4lYSlo15ICq9qCatjeiUsfTtb-BKCDm2A==

Redirect headers

location: /internal-cs/default/beacon.js
date: Mon, 04 Apr 2022 15:51:48 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: 4gJ1ElaOREUA3hoZqXFsLXCFi469XCieu-IGyBj04icAM8UXyHhRAw==
x-cache: Miss from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1018
date: Mon, 04 Apr 2022 15:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Apr 2022 17:34:50 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/editora3-istodinheiro/ 516 KB
37 KB 104ms
30ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07f692b52a6c486699cfb1148d24b36ca2726246b85fe13e1dba3ba6034d2dde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: sUjd4oiQaCjTjJUEBYO4NP5bx99Owxvp
content-encoding: gzip
etag: "7ab20334c7619c6d4d1a8902cf5e3649"
age: 24014
x-cache: HIT
content-length: 37922
x-amz-id-2: E0LcCJaFqNh3UnWT6JKDeSEL+A20PYpV2bKEmrpCv5khBBSXyeoHT2hnNEs0wLT9bT3Cqz9/CYE=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 04 Apr 2022 09:06:18 GMT
server: AmazonS3
x-timer: S1649087509.558519,VS0,VE1
date: Mon, 04 Apr 2022 15:51:48 GMT
vary: Accept-Encoding
x-amz-request-id: 9ZSZXDWVJV72JD5T
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 73
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26313
x-xss-protection: 0
pragma: public
x-fb-debug: 3QlRpuXQALSTdyUtQ8+inXC0L0YGcAvZO/s6CUb9sDBlhLa3CpiBnmHFNLT6QqZo7X4lIUQWGj+o6DqIDImlNQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 04 Apr 2022 15:51:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2306807.js Show response
static.hotjar.com/c/ 5 KB
2 KB 32ms
13ms Script
application/javascript 65.9.66.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2306807.js?sv=6

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-123.fra56.r.cloudfront.net

Software

Resource Hash

6edde27699666da21bef3ca8658fa1853296f52c0356ae00e7d02130610b60db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:04 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 44
etag: W/5af93b35fda986c30920f5322bc2fb8a
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: XoC23KPDD0QIqyYIPEY4ZvPTG1Qgeat3GkPnZIZTRPQdIGmC6VTcgw==
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)

GET
H3 200 print.css
www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/css/ 2 KB
657 B 19ms
11ms Stylesheet
text/css 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/revistas_3/assets/css/print.css?v=1.6
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: c57a2bac19109ec4d3423b85dd7102e7b9eb641dd229dd53b8956465ded5bc12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 20:48:22 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 02:00:46 GMT
server: nginx/1.20.2
age: 68606
etag: W/"60ee454e-642"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,max-age=31600000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 636
via: 1.1 google
expires: Mon, 03 Apr 2023 20:48:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.istoedinheiro.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.istoedinheiro.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 435 B
267 B 69ms
52ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2759338911394495&correlator=4443310332362798&eid=31066025%2C31066038&output=ldjh&gdfp_req=1&vrg=2022032909&ptt=17&impl=fif&iu_parts=22452847%2CIEDinheiro_Internas&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1719590335&sfv=1-0-38&ecs=20220404&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1649087509549&lmt=1649087509&dlt=1649087509141&idt=213&biw=1600&bih=1200&adxs=0&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5b2ac85f4eb5faa213f86b310f792f555a284ab715127f3949ea32a6561c4dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A5E 6 KB
4 KB 86ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:48 GMT
expires: Tue, 04 Apr 2023 15:51:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,300,400italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 418878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 38ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,300,400italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:31:09 GMT
x-content-type-options: nosniff
age: 310839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:31:09 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 267ms
266ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2759338911394495&correlator=4443310332362798&eid=31066025%2C31066038&output=ldjh&gdfp_req=1&vrg=2022032909&ptt=17&impl=fif&iu_parts=22452847%2CIEDinheiro_Internas%2Cpolitica-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&adks=2119568665&sfv=1-0-38&ecs=20220404&fsapi=false&prev_scp=pos%3Dtop_int&sc=1&cookie_enabled=1&abxe=1&dt=1649087509591&lmt=1649087509&dlt=1649087509141&idt=213&biw=1600&bih=1200&adxs=436&adys=197&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x20&msz=1600x0&fws=0&ohw=0&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

bb192872e10b92729070c08bbdf96b106f0a0cfed6fb3ab99f5668b1c5250877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8048
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 143 KB
16 KB 597ms
597ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2759338911394495&correlator=4443310332362798&eid=31066025%2C31066038&output=ldjh&gdfp_req=1&vrg=2022032909&ptt=17&impl=fif&iu_parts=22452847%2CIEDinheiro_Internas%2Cpolitica-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C300x600&ifi=3&adks=2319025774&sfv=1-0-38&ecs=20220404&fsapi=false&prev_scp=pos%3Dtop&sc=1&cookie_enabled=1&abxe=1&dt=1649087509599&lmt=1649087509&dlt=1649087509141&idt=213&biw=1600&bih=1200&adxs=160&adys=242&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=340x0&msz=340x0&fws=4&ohw=1280&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b3ef825d7018d8542e0135ca586cf15d9a94a4cfe9fdda243e5b82e89f0b53e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16189
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.istoedinheiro.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=36204834&cs_it=b2&cv=3.8.0.210223&ns__t=1649087509620&ns_c=UTF-8&c7=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e...
https://sb.scorecardresearch.com/b2?c1=2&c2=36204834&cs_it=b2&cv=3.8.0.210223&ns__t=1649087509620&ns_c=UTF-8&c7=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-...

0
190 B

15ms
15ms

Image
text/plain

99.86.7.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=36204834&cs_it=b2&cv=3.8.0.210223&ns__t=1649087509620&ns_c=UTF-8&c7=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&c8=Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%27ajudar%20prima%27%20-%20ISTO%C3%89%20DINHEIRO&c9=
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Server: 99.86.7.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-129.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: WyxXL7FOdwqF19tTfmPiHF92qPfH6ALjfNnuyrY4COemISFQyQL58g==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=36204834&cs_it=b2&cv=3.8.0.210223&ns__t=1649087509620&ns_c=UTF-8&c7=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&c8=Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%27ajudar%20prima%27%20-%20ISTO%C3%89%20DINHEIRO&c9=
date: Mon, 04 Apr 2022 15:51:48 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: -9PzPLWCbGkFjTWauSTdhTJ7yZoL-9jx8c71Gi8OU_YsBE6kSPvN6w==
x-cache: Miss from cloudfront

GET
H3 200 more-points-gray.svg
www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/images/ 1 KB
617 B 8ms
7ms Image
image/svg+xml 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/assets/images/more-points-gray.svg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/stylev2.css?v=2.4&ver=x1.2.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 667e23f6656072e49e950423f65e926e5df1c90bffee2d980226d702d745ff14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/wp-content/themes/tema_dinheiro/stylev2.css?v=2.4&ver=x1.2.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 17:50:06 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 02:00:49 GMT
server: nginx/1.20.2
age: 79302
etag: W/"60ee4551-513"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 596
via: 1.1 google
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 24ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 493601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:45:07 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=813440825&t=pageview&_s=1&dl=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&ul=en-us&de=UTF-8&dt=Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%27ajudar%20prima%27%20-%20ISTO%C3%89%20DINHEIRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1313486671&gjid=1608546249&cid=2055158830.1649087510&tid=UA-13292077-1&_gid=2036373861.1649087510&_r=1&_slc=1&cg1=Pol%C3%ADtica&cg2=Estad%C3%A3o%20Conte%C3%BAdo&z=1797391057

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 22ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=813440825&t=pageview&_s=1&dl=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&ul=en-us&de=UTF-8&dt=Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%27ajudar%20prima%27%20-%20ISTO%C3%89%20DINHEIRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1124107357&gjid=1998165794&cid=2055158830.1649087510&tid=UA-12962565-11&_gid=2036373861.1649087510&_r=1&_slc=1&z=940301693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.681b17e679ac939c3f40.js Show response
script.hotjar.com/ 236 KB
62 KB 27ms
7ms Script
application/javascript 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.681b17e679ac939c3f40.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2306807.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-26.fra6.r.cloudfront.net

Software

Resource Hash

c48af1698e6e13a34a137eb360a3e7d0937ba31bd0332eee8af2b2972b49dd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20982
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63051
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 10:02:01 GMT
etag: "3c5b1dac19edd9cdf05d029e575db3b3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: h4W5lANsGIqgEhIKruyouw5n_CynuHW4lZYF5BY0o45aHXV07K1aqw==

GET
H3 200 2641197072803735 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2641197072803735?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

593a7d1182ada5a65fba49579dbc554fc1b27cf7eb834c2e4e7c7e0b54d07a17

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89161
x-xss-protection: 0
pragma: public
x-fb-debug: fKpmUwFf9UkYHpTWaly5Cy9W0akdB/JoMSrcEazrGeusfRlNpRVw01mbZAGOaFLGcgOs+l7DIkzbq0ne+XlmSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Apr 2022 15:51:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 301 KB
108 KB 48ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4663753467999594&plah=www.istoedinheiro.com.br&bust=31066008

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4663753467999594

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e0c803725f13dfe7d635195de2634bc200b7340694a846e95912e05347de4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110325
x-xss-protection: 0
server: cafe
etag: 15388906724091596471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 15:51:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame 14CA 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4663753467999594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 59119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 23:26:29 GMT
etag: 4044455266028820542
expires: Sun, 17 Apr 2022 23:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tagreuters.com2022binary_LYNXNPEI330U9-BASEIMAGE-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportSportsNews/ 3 KB
3 KB 219ms
219ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportSportsNews/tagreuters.com2022binary_LYNXNPEI330U9-BASEIMAGE-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: a9895cc9118db5b2abff67568adbb82d327bc6c0fcff41c3787ed2fef2b2c37e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:47:31 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 15:44:36 GMT
server: nginx/1.20.2
age: 257
etag: "624b1264-af1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2801
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagreuters.com2022binary_LYNXNPEI330TP-BASEIMAGE-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportEntertainmentNews/ 6 KB
6 KB 8ms
7ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportEntertainmentNews/tagreuters.com2022binary_LYNXNPEI330TP-BASEIMAGE-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: fb12716ba936c501f5e91714039a4c7f232e8a8db582566f3e547878f098896f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:32:36 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 15:32:30 GMT
server: nginx/1.20.2
age: 1152
etag: "624b0f8e-1744"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5956
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mariapaula-1-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 5 KB
5 KB 11ms
9ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/mariapaula-1-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: e978ea2824995c6a8d0ffee5d27fb5ffff33939892c26e450bf24cd71ecbc35a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:26:52 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 13:52:10 GMT
server: nginx/1.20.2
age: 1496
etag: "624af80a-1530"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5424
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagreuters.com2022binary_LYNXNPEI330NL-BASEIMAGE-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportBusinessNews/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportBusinessNews/tagreuters.com2022binary_LYNXNPEI330NL-BASEIMAGE-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 1e815b0a4c219f8e457f46a5db404aed34b302b0b335b54db07f01507a2908b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:47:00 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 13:46:28 GMT
server: nginx/1.20.2
age: 7488
etag: "624af6b4-18b6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagreuters.com2022binary_LYNXNPEI330SI-BASEIMAGE-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportWorldNews/ 6 KB
6 KB 13ms
12ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportWorldNews/tagreuters.com2022binary_LYNXNPEI330SI-BASEIMAGE-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: b16e75238f4726e01330f4fd81713ae7672c11987bed1d52d6ed0897472ee261

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:10:32 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 15:08:07 GMT
server: nginx/1.20.2
age: 2476
etag: "624b09d7-16d3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5843
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagreuters.com2022binary_LYNXNPEI330RR-BASEIMAGE-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportAgribusinessNews/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportAgribusinessNews/tagreuters.com2022binary_LYNXNPEI330RR-BASEIMAGE-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 13f8188a240dd4652cfa5ed265f2fe15b36ef6c1fafbe8fb07b930f06c89fcff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:04:14 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 15:02:19 GMT
server: nginx/1.20.2
age: 2854
etag: "624b087b-169f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5791
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagreuters.com2022binary_LYNXNPEI330RK-BASEIMAGE-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportAgribusinessNews/ 6 KB
6 KB 13ms
11ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportAgribusinessNews/tagreuters.com2022binary_LYNXNPEI330RK-BASEIMAGE-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 65c3c31e58326021af4f383d426a9a82f1dede9883ea22ded0059c05a29757cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:03:14 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 15:01:18 GMT
server: nginx/1.20.2
age: 2914
etag: "624b083e-173e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5950
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 8b1fe4252f8cae358f321e88d7629ff440d4c48d-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 1 KB
2 KB 11ms
10ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/8b1fe4252f8cae358f321e88d7629ff440d4c48d-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 5300748c406275dc33742fe2d327570abbab4217b896fcbe8ed3fca020c16a79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:10:32 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 15:08:21 GMT
server: nginx/1.20.2
age: 2476
etag: "624b09e5-5ef"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1519
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagreuters.com2022binary_LYNXNPEI330RC-BASEIMAGE-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportTopNews/ 6 KB
6 KB 14ms
12ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2022binary_LYNXNPEI330RC-BASEIMAGE-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: ab673fabe7104b122c5a975ec35f9a34aabfd7b81d4a2582cd1d6d4a80b73da2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:53:44 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 14:53:32 GMT
server: nginx/1.20.2
age: 3484
etag: "624b066c-166e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5742
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 b10e24269e7ca2af494ac0f72d7f55c36f98b4a5-1-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 1 KB
1 KB 13ms
12ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/b10e24269e7ca2af494ac0f72d7f55c36f98b4a5-1-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 9c79974c085d3ad8ad9dccd708d69f23e6932983b4fd3be6180e4c6d1a6ac709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:10:51 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 15:08:12 GMT
server: nginx/1.20.2
age: 2457
etag: "624b09dc-4c7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1223
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1138mc115-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 3 KB
3 KB 13ms
11ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/1138mc115-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: f33e91141973720bf0835ccb12dbedfa345dd8de06835f346afc6613752a8e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:42:11 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 14:23:13 GMT
server: nginx/1.20.2
age: 4177
etag: "624aff51-a12"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2578
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagreuters.com2022binary_LYNXNPEI330Q1-BASEIMAGE-102x57.jpg
www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportWorldNews/ 3 KB
3 KB 14ms
13ms Image
image/jpeg 34.149.44.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportWorldNews/tagreuters.com2022binary_LYNXNPEI330Q1-BASEIMAGE-102x57.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.44.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.44.149.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 9f4058e71b4a9342a5d48f5ceb3a676c21d65ceab7812cf54531171e8813d56a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:33:15 GMT
via: 1.1 google
last-modified: Mon, 04 Apr 2022 14:29:39 GMT
server: nginx/1.20.2
age: 4713
etag: "624b00d3-a24"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2596
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=166&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Warning%3A%20Do%20not%20add%20multiple%20property%20codes%20with%20AdSense%20tag%20to%20avoid%20seeing%20unexpected%20behavior.%20These%20codes%20were%20found%20on%20the%20page%20ca-pub-1592119126114388%2C%20ca-pub-4663753467999594%0Aat%20gp%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3Fclient%3Dca-pub-4663753467999594%3A228%3A301)%0Aat%20fp%20(adsbygoogle.js%3Fclient%3Dca-pub-4663753467999594%3A227%3A326)%0Aat%20adsbygoogle.js%3Fclient%3Dca-pub-4663753467999594%3A242%3A677%0Aat%20ei.n.oa%20(adsbygoogle.js%3Fclient%3Dca-pub-4663753467999594%3A85%3A794)&shv=r20220330&mjsv=m202203300101&eid=44759875%2C44759926%2C44759842%2C31066008&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 44ms
28ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 459
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6f6b3521adf80211-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 07 Apr 2022 15:51:48 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 50ms
13ms Script
application/x-javascript 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=33593
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-13292077-1&cid=2055158830.1649087510&jid=1313486671&gjid=1608546249&_gid=2036373861.1649087510&_u=YAhAAEAAAAAAAC~&z=1210142387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Apr 2022 15:51:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 75ms
9ms Script
application/javascript 108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:57:01 GMT
content-encoding: gzip
last-modified: Sun, 03 Apr 2022 15:31:46 GMT
server: nginx/1.18.0
age: 3287
etag: W/"6249bde2-1090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ewwB-16wrp0QdWzYc0i72ktwu2RBR_9O-mWTDnds1D514p4WQuB3Vw==
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
expires: Mon, 04 Apr 2022 15:57:01 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 349 KB
92 KB 74ms
19ms Script
application/javascript 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-121.dus51.r.cloudfront.net

Software

nginx/1.18.0 / PHP/7.3.23

Resource Hash

3a230409f63d543757a853180d5032e1ed59f3e515c9eb286cb65786e9c753a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:57:01 GMT
content-encoding: br
age: 3287
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
x-xss-protection: 0
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 14:57:01 UTC
server: nginx/1.18.0
etag: W/"287f61e829103a6af135fdb42496dbf1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 6-p3mxUvOQj46g6ID2l26VNKWCEZCqEymcLi8bCLbO-G4j87b-2VMg==
expires: Mon, 04 Apr 2022 15:57:01 GMT

GET
H3 200 container.html Show response
da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A186 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:48 GMT
expires: Tue, 04 Apr 2023 15:51:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load.js Show response
widget.perfectmarket.com/editora3-istodinheiro/ 3 KB
2 KB 51ms
13ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editora3-istodinheiro/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98252c1da475545dcd46bbd6f04292ec09bf843b73074ea7de3efd05dd39ce5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: TAvPlsfK8ndMGOrQOF45o32wggzlkLTZ
content-encoding: gzip
etag: "26661dfef4c9dfa684a84892ea8a2a8a"
fastly-original-body-size: 1229
age: 31
x-cache: HIT, HIT
content-length: 1229
x-amz-id-2: AeALosUJPxonUlOrdA1ZPlUiCPHByNK5wLsGi4WHzVT8ote9O0nYI9/o+XeorbCeZGGiBhje3Z8=
x-served-by: cache-sna10734-LGB, cache-hhn4049-HHN
last-modified: Thu, 02 Apr 2020 11:07:16 GMT
server: AmazonS3
x-timer: S1649087509.950175,VS0,VE1
date: Mon, 04 Apr 2022 15:51:48 GMT
vary: Accept-Encoding,,
x-amz-request-id: M1G2CD6J3BAH3ASH
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 698 KB
134 KB 22ms
10ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8db980d4051813f15c254961f906f82c8c6f504a474bb8c1f231699500d8fde5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: zt92u67QJyBXmgQMLPhCsYKgHOn.q11r
content-encoding: br
etag: "e5e3632d4c73ed0abb4961cecace58ff"
age: 25665
x-cache: HIT
content-length: 137189
x-amz-id-2: dAhfeBBCL1hCa/rKi1KDzu2qeFyxVJnTzOdhZIRrX4NFtY3WHv1sT6zIQcdE4Uxq/dxAwM11TH8=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 04 Apr 2022 08:42:46 GMT
server: AmazonS3-br
x-timer: S1649087509.923130,VS0,VE0
date: Mon, 04 Apr 2022 15:51:48 GMT
vary: Accept-Encoding
x-amz-request-id: 357RFDA55BX4WHXW
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 27
x-cache-hits: 19051

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 42 B
410 B 409ms
97ms Script
application/javascript 34.192.67.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=LARMX9YH&h=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&t=1649087509940
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-LARMX9YH.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-67-210.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: b4d587cecda63acc6a4c5574619791f557d0b59e0676453fbba7b347e0bc4bd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 15:51:49 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 12ms
9ms Script
application/javascript 99.86.7.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-LARMX9YH.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 03:53:37 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 45484
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: yfnP7JCdGEOzfrBYgwrOuxGwK4VKRj9ImHC0VcmXXDzjfMbse3Yfew==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 98ms
10ms Script
application/javascript 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-LARMX9YH.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 11 Apr 2022 15:51:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.istoedinheiro.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.istoedinheiro.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 429 B
267 B 231ms
223ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2759338911394495&correlator=4443310332362798&eid=31066025%2C31066038&output=ldjh&gdfp_req=1&vrg=2022032909&ptt=17&impl=fif&iu_parts=22452847%2CIEDinheiro_Internas%2Cpolitica-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&adks=2565176186&sfv=1-0-38&ecs=20220404&ists=1&fsapi=false&prev_scp=pos%3Ddhtml&eri=2&sc=1&cookie=ID%3D1b4da7b35deae1ff-2262634c6dcd0077%3AT%3D1649087508%3AS%3DALNI_MaZt5_quWYVPBLj-4J2jGFPQBINvA&abxe=1&dt=1649087509953&lmt=1649087509&dlt=1649087509141&idt=213&biw=1600&bih=1200&adxs=0&adys=2929&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x2929&msz=1600x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

fe66210f716709717dc6446d90abcc731aa5987f705e2b3d4b4fc2ecd9ce9d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5739b43ccd6d42df/ 2 KB
728 B 36ms
27ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5739b43ccd6d42df/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d1c9e3ef3236ae98db96a00c1d89a7f94d3978b6d31a5000b3fe5fec36f31975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
content-encoding: gzip
etag: 409040651--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=19, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 553

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 233ms
185ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=624b1415a47b7790&bkl=0&bl=1&pdt=764&sid=624b1415a47b7790&pub=ra-5739b43ccd6d42df&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=www.istoedinheiro.com.br&fp=hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1649087509991&jsl=4097&uvs=624b1415a0b37534000&skipb=1&callback=addthis.cbs.jsonp__91253705630595490
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4b7034601d7f877d8ffb60c0a24ca7062a292e836250c29628abe0face35da71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame A413 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 590D 71 KB
26 KB 20ms
19ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Mon, 04 Apr 2022 15:51:48 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 74ms
33ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Mon, 04 Apr 2022 15:51:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 39ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12962565-11&cid=2055158830.1649087510&jid=1124107357&gjid=1998165794&_gid=2036373861.1649087510&_u=YAjAAEABAAAAAC~&z=460749919

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Apr 2022 15:51:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 69ms
43ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-13292077-1&cid=2055158830.1649087510&jid=1313486671&_u=YAhAAEAAAAAAAC~&z=630802276

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 157ms
129ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-13292077-1&cid=2055158830.1649087510&jid=1313486671&_u=YAhAAEAAAAAAAC~&z=630802276

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 778C 2 KB
1 KB 30ms
7ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2306807.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-118.fra53.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 5122783
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 08:52:06 GMT
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
vary: Accept-Encoding
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: syeh84S2auBN1r3u-e251C_tvHedTjP3b2vH-4w-ezhQLTaU392puw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK reply Show response
nave.foone.com.br/gateway/ 16 KB
16 KB 196ms
195ms Script
text/plain 54.205.191.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nave.foone.com.br/gateway/reply?navtrackdata=%7B%22clientip%22:%22217.64.151.9%22,%22timestamp%22:1649087508,%22source%22:%22eef0ff46-01e5-11ec-acda-53613212d6c6%22,%22nvtags%22:%5B%5D,%22url%22:%22https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/%22,%22uuid%22:%22711a4b32-4ba7-4d8f-bb4b-15a69c3cc3bf%22,%22refuuid%22:%22711a4b32-4ba7-4d8f-bb4b-15a69c3cc3bf%22,%22hostname%22:%22www.istoedinheiro.com.br%22,%22pathname%22:%22/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/%22%7D
Requested by: Host: nave.foone.com.br
URL: https://nave.foone.com.br/client/eef0ff46-01e5-11ec-acda-53613212d6c6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.205.191.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-18.compute-1.amazonaws.com
Software: /
Resource Hash: aa23de7db2a0bf8b9d8acec22eb3ddd1cbe43761edf1b2607888393ae6267be1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
keep-alive: timeout=5
content-length: 16159
content-type: text/plain; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 28ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2641197072803735&ev=PageView&dl=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&rl=&if=false&ts=1649087510181&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1649087510178.383140550&it=1649087509691&coo=false&exp=p0&rqm=GET

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 04 Apr 2022 15:51:49 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/79d9049e-3bd8-484a-9d33-0d7d084775cf/ 3 KB
2 KB 33ms
23ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/79d9049e-3bd8-484a-9d33-0d7d084775cf/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89619d4bdefe80961262461b5ad72375c5bb5435094ef68d49523e90fa666767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 622
cf-polished: origSize=3456
status: 200 OK
x-envoy-upstream-service-time: 59
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e6bd294e-bc88-43a0-8a85-11223ff39ac6
x-runtime: 0.058651
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fcf49784b6d76f4ab11ca2e9f38020e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6f6b35246dc301e3-ZRH
access-control-allow-headers: SDK-Version
expires: Mon, 04 Apr 2022 16:51:49 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
247 B 48ms
17ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.istoedinheiro.com.br&callback=_gfp_s_&client=ca-pub-4663753467999594&cookie=ID%3D1b4da7b35deae1ff-2262634c6dcd0077%3AT%3D1649087508%3AS%3DALNI_MaZt5_quWYVPBLj-4J2jGFPQBINvA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4663753467999594&plah=www.istoedinheiro.com.br&bust=31066008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B51 23 KB
1 KB 113ms
95ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&adk=1812271804&adf=3025194257&lmt=1649087510&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509706&bpp=3&bdt=565&idt=505&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b4da7b35deae1ff-2262634c6dcd0077%3AT%3D1649087508%3AS%3DALNI_MaZt5_quWYVPBLj-4J2jGFPQBINvA&nras=1&correlator=4328568371686&frm=20&pv=2&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=521

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da2fd2865eeb44850745ccca3d20a81e20150a79abb4ec241c750851d7cee264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 1473
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0073 624 B
299 B 34ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhiJ5I-_ATAB&v=APEucNVi4zArQok9MWAKkgHqtIi5v2CUv5ZwX0DZknEWBn8CiR13nf13-n7jJEkJlsho2YnctjC0k2Onxz5lnmbMZaKyftSz3VjXlYJF5pgicqtE54MBMVN3aWgvzCxJP2qTcB5uP3AvhFBt2c1ROGV0A2Ft1Q3yLQ9H9rchPytVVh0PakYSt68

Requested by

Host: da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
URL: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
expires: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A186 59 KB
29 KB 50ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C45sR-2IFqMZLCQmMNtO8JZVhTSjf3Ks0SSuPb8DG291ee6WDIYQdnSiZaw2A0G_ERwOqormG0skOkS83AjM10SZT7eg&cry=1&dbm_d=AKAmf-C1Mzf95Svvqtppz6YAHl5IGBsUyN0xS4lBo8Hqcy4CGcOsmUwJmUZ5xnLzC5bPMokgMZeAqHn23xrGR4m-NaiE67h_qAdUGsrVjvUzeXDBNQ0rPUGDaIz1Ehqbi26SR3MRTDyRG9eBrzjSQyPzqONSY_1QIlk6AEDk6N5ehXyzzrnn9ZqK2QIix4XRlnBRVKxAMb9tBwAaepx2gUB_eqj4qUTc0K3yB_dOAbx_nzLNZLAtUc0tl2tCU-Y1oENMg3sd9sNgHrhUgN0Q8-eL0jjBtPcKBFds-0_V0ljlSFFVgXrFSTeRTlY_O4Miull89FLq7sbE-8LY9dxX_y0sjGL-VU9aWi3Yzu0vtEz81GlxPtr7XSA7rpckTKx3G4TLAiS6awAJtf8WxX9kbrW2WcMQcIobsQsZRY73vehCFhyqBhdCV5jOZOtwssJV4CqGWZkNPZTLqYHqtV7qGr-jf4JYu2H6dJxxIhTVDA8lY6U6724tUZWWX5TpGHE8dQl5Ri2lMl-QARfNz1zNTJHfYzpPNqeoRVHzPhCPoNqE62PlH6eKEggIQhsd1TSGEZnBOojmdcJe6FNMRFqDNh0_ajoS0rtN4wP4lQbs_CvpvwFQxXulYXMtkZrO3XZhRSYvDl5v055ibRnQeevi9HkXPI8Ckbgjuc2LqcHVdDa8UtYCPUZaWZGtnbi0wxghLxpgCrLHMFj9bK8HTaA5kgW0ACcyliJ-hHN0tSgunYyyUNmUlaLqXAS2A3SWT9j3YwkVF1F-zm4kytc_XAWwS57fYoZW9I8nXzKqUIyjmiRUUZLn5WxNXbI1eVD1BddPA9dRAfsTp73V3fEIthxacqaw9Y4_3OZRe8lLJbgJZUddbw5pi69ffdT8N70uS67iJkWYn_M_BlOqZh9K2ansVAhYs0Udz3NDWzIT_gFdtUkdcHA1sEPuF2CoAJ9v_nSh5gmrbql9dULhFr5iMSsh3pAsxtFVP717aU-rUwhE1oKTSd5LP2Um-PPG8urtaXRbD51Rt6daeLr2w1DRq9bqowPSm1PlI3OlBRDHdAAXAoFSB5ajBDwUw_rPdq3Kw319MSULRJeHlz67M3P-0GkF_-FKnECljkjClhM5JSVCBNfrKL-Mc84tOPPRkmOSO5EEbc70LsxUtvIUkXlIIP2Une8L0odBw15AUD8yu7a5ybUpwYDa6YK2g8PcnoizPVoKvU3uTenpzD4VIe1LhbrqwaRo2-J9i2kpu9Ikf31BZD7IKs5iDFCv2GPyLA5bgduP8qZHDUKKb_ynQR3DbNnpYbnQm142JTK0bC1CarvwHKWdiAO61qDB4hJUiQm2nCxFIKH4KjVHxB3XYij753z1XbtqOEno5Xc8_HE_NvA1Avhz3PQ8Ur7j7qNCz6xv2prrp8rvie6QT-Ru6FJMVQnPtZ9FDk6BKaT9MUMTlq5lRxd5Z_Vpxh4k1X8GYuIW7saNySB2aIZ1dtpRMeP4CaJGmVP0AmeclVqMQ9RRXlYoOme_3kRMVPT8-JpuiNARQL40KmGQVWqYe0M6sB6SwtsuJrYXZ1v4k27c-DkmUVimAtc4nE8H4OT8IfACP58mbVRjHu5ssiGireN8JO1IimJBW2TILjdoAe0pmM1Np3YkqXGMFKg97fUGgodEUGPXWkZJirMY-JXNh8-ilRTuRzbA05k5FlIac8R40OnYEyJe4omwasROxK81EJtq2zRFAxiwb1o4L6hdHaw6wmOaGgGAYUfo-mOfibadtkQFYOk_WPexkEaD4snq-ac2k674wnSrmZLXqwvoD0_wu0ATYzduXUudZybrEGoTX9r0GJxyDeQ92Nebis2fw_R2Vwsh4BrdslhJLdoEOPu-7QNa8guChy2bPxZ0ZTC3aewQVrvUJ0hnaboxoOhz_8KbOVRR3GOX3NKPOuFqRGSIWzNaoTvHg57Ly1mXP9XiK5XQjyI5cysW0K31AM1JQS-y6O_MqfjO2UPwiQhIluQCWN8nAWYbSsju7rJZFb4bNVmjfwOCgAOgz0Yl_Bf_tW5PcLqR4PX9Jy5HI03h2Y3Hg2VOkRetww44KG0VXkg8hJng983nyIuTgGOyWg9dOIennvecYi0_bQuCzsGHGs8zs6Cwj1Xyx7BFW6aVNcE2D4-mogH002Uhn9J6zLgyjmnlmW4G6pGBkHQAb1bJZeI8sn_2_XGbPBEnGCIokgvak6wYpCDheDDtbxQwu0vbS9ZC5bXZvWGWy91nRxz051SBsc9QnvaOni1YAUVTjBsXE4EH31_RUfuJaZVGCgsc3ejCj2siKAygxf8HQpU1QY35sEarT2v7izjFUCi4mPiwUkIkL-jNSb-90yF5YsczniVajVIXKqjE-zzXIvWqJJK9guMHS3Ze35bPNzmTgtiOuKwjOqF1XWuzI6D5ldkdoxErk1r3TfKJ3vXk7IFIugYNtiOsHOe5wo3pdUxSXRKXbnFQnTlSS9wCzLHUhepkkQczyrXvkhBWaypiSL0gYNWt4puYGADTlxvX1tNFndjMjKTNquKqU7cJunNZnrm1uMsCvZAykWGeEqtN_FudA0I-U56KdkE4xXEQ9pn0wKokQFSHNDsVxXXF1lNyC7KPnx4STZ2N5mPchXEI2rAjZPmP3nOjPAX2cE4GfK7FqmaM6kYBCNeSNnKaKVCZOHCfrsIxwRmy3kXBz4LjasFs_RbQg8YvuE0_qfqif2NHJ4YI3QdBGuB_IpB2AaE2SuIJ6ReC-0u0DjsnaxPIYidlBdyKZY8ohkjLcZ1KV3t3DfOsD-YTIp6eGJwqjOUFXPRCZz7fvZh2Cu5Tt1F1lduzImezYPZlml-IdYIsgG-97JoW59x6v9gWEjwun3TO3JxuC3u9tgwsr_oZQX1wMn1dOnmf-9t3hCDmcbIqr-4h4fVYemJDX85INQgv1HRA7Y6iprxbJkcGFUID4FlJLMzsOibkn6j0h6h8R-5RJ3pm8DDb5X-dP0jeqGEWb8XPrZ0c1m3ls9va8j9k1oLKLfjVV-zrcF09x4CGsiQQmFwkIluMf1wpjLwXMYGPmT3NdoxCGqOXvyDDmmYGXvhm95C0nDRVesOJVCX4xEgmbol_GjTO1gSRcn99rUjZ9zxwxzaUILeBOX3j1ktT1fmJWJiSek66O0qW023a04BOySAtZHvzeDueCcWkx82SP7zwji0bgHk1G9mYzt5pXstBdgXYukpxiA8USvslVMjjSmXPfv7M8klnneE5YdGL9i6sln-MyWz5yozO_gMT4Gjql8OmU-inXdUJWsYibk4GjYsucUnmWChtOJ6iCn-dHSTOspmZmRs&cid=CAASJ-RoYa1pq1FggUMEnTE2Z0idFQBMEIIWkJ1GmcVEJwgGwZXKhW4mcA&rfl=1%2Chttps%253A%252F%252Fwww.istoedinheiro.com.br%252F%240

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bf71f112d2fef1fac7f1d4dce9090b4722d96a5bdd5ef7c2cb8cbd8263c5493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30160
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A186 42 B
63 B 43ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCz3S4BOmF0YkOY6ZACg6CxNK3IiHbIDBsN1tpgDIvVkQatOGGzz67P6wODAKUvnuScSo2ITxbNVmDLU_ajpjpwRC-RlYbuJywVp6jv2oaDY_97Kk

Requested by

Host: da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
URL: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A186 2 KB
1 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
URL: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A186 119 KB
36 KB 99ms
80ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
URL: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:51:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A186 15 KB
7 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
URL: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A186 0
0 38ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzae0GiGCamL99shddOCxpNYiigSLzadCaZSqYq7NWyc5fF_AEM78q3ocVD31n6j97G6fuUhzj5qSTxmIMNraUyo_rQQ
Requested by: Host: da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
URL: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 51ms
8ms Image
image/x-icon 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 18:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Apr 2022 18:36:48 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 67ms
14ms Image
image/svg+xml 23.35.229.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.229.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
last-modified: Wed, 30 Mar 2022 13:33:34 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1648648295.971679"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 04 May 2022 15:51:49 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame E9B3 222 KB
62 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 600083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E9B3 16 KB
6 KB 47ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 600083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E9B3 96 KB
29 KB 48ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 600083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E9B3 74 KB
17 KB 53ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

513db1539e2636a80095ea5400aba7f55aa44b4d78eb0440cc87b6d693cf6090

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 600083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17308
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e7f38e1fe946943"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E9B3 5 KB
2 KB 54ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 309987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 01 Apr 2022 01:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Apr 2023 01:45:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E9B3 42 KB
13 KB 54ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 03 Apr 2022 15:24:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 03 Apr 2023 15:24:15 GMT

GET
DATA 200
OK truncated
/ Frame E9B3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2d9df067dcac0d445c2c4c6707a377c24d46fcbe0e09b0f23667abbee6bed75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bg1.jpg
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 21 KB
21 KB 27ms
9ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/bg1.jpg

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ec022c2648a7848252a483514ddbb21a67533a48a605a305a22d279effd320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 17:47:30 GMT
x-content-type-options: nosniff
age: 511459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21183
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 17:47:30 GMT

GET
H3 200 bg2.jpg
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 21 KB
21 KB 41ms
22ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/bg2.jpg

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a87c72dd08ba147383779f1230ff635da77f93883fc402a9ab31a66b9b4970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21349
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 bg3.jpg
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 22 KB
22 KB 51ms
32ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/bg3.jpg

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68547c67786349ec35644905bea85f9eaa5177f1d762b4aa8b111868ea91e6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22477
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 1 KB
1 KB 52ms
34ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/logo.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5821bdf832e92c756801a26a3afb345955fe3e32d130136d93ada2b235a10d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1213
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f1_produto.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 8 KB
8 KB 31ms
13ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f1_produto.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c232fb3d5065a0dd42ca838a45abc9bc892d285ad40deb18c1119ce01040a425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7947
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f1_txt1.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 745 B
772 B 52ms
34ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f1_txt1.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34195593868a1ee752ed21ccb4c75676481a47dbbf5e583464e106f87079b8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 04:58:38 GMT
x-content-type-options: nosniff
age: 557591
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 745
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 04:58:38 GMT

GET
H3 200 f1_txt2.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 696 B
723 B 53ms
35ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f1_txt2.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31795ad93b347a22681c91b4db1dc93fcaccd687aae124dcea03f344c2167141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 04:58:38 GMT
x-content-type-options: nosniff
age: 557591
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 696
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 04:58:38 GMT

GET
H3 200 f1_txt3.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 613 B
640 B 51ms
33ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f1_txt3.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d788dd4a4b0613d5b286dcb77eb8b9e1cfcfb361e1481088c18eca78e82683e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 613
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f1_txt4.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 725 B
752 B 30ms
12ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f1_txt4.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

751e3b159a6a915733fba0050df55cef2c9da43e79397b02d66b182f6897d0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 725
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f2_produto.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 11 KB
11 KB 51ms
34ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f2_produto.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e8fd4a2cb108ba6a782617751572c13b76ce4e46331a4c6be27c2c3774af772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10868
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f2_txt1.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 648 B
675 B 36ms
20ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f2_txt1.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6016927154af8cf7541d5f21b44c093cb1309e48011c9efedc47c09e64043429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 04:58:38 GMT
x-content-type-options: nosniff
age: 557591
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 648
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 04:58:38 GMT

GET
H3 200 f2_txt2.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 642 B
669 B 36ms
20ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f2_txt2.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f83800ec0ec11bb606f34151c2c31053f67b79c351e3e2eace9f50d4f7966b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 642
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f2_txt3.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 657 B
684 B 35ms
19ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f2_txt3.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a3defdc60c4e35f6cd61faae72dbd83e8e0acc350484f0fa678b5774ec040d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 657
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f2_txt4.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 731 B
758 B 34ms
18ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f2_txt4.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f3024ab38f1a6d05d03b13c7720762e3332fe371bbc6f3252f36ad2b987f5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 731
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f2_txt5.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 566 B
593 B 33ms
18ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f2_txt5.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92735b43f554eb401dad2964ee21fcd5f3c0d95a80cb06af94fe9804115abc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 566
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f3_txt1.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 2 KB
2 KB 36ms
20ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f3_txt1.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e02281cc945565d959f6f0402da45e4ffb5bf120a43c57e7ad8bf6c57081a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1839
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f3_txt2.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 1 KB
1 KB 38ms
23ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f3_txt2.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf58112083b79db5ea2c10ca707a3fff061520c1b881d0ef3748fc1a02f93114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1410
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 f3_txt3.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 1 KB
1 KB 27ms
14ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/f3_txt3.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d19859bbc62b4768c57823cbeaa99a26b9d71eb0deda9ea6d7c36ff56f0fff50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1398
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/ Frame E9B3 820 B
847 B 26ms
13ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8902485594866260140/DV360_160x600_150kb/cta.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed9caf62bfd76fd2174b4f5e6c3b0464027bb82609938096dbc00076dcb1d42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:39:24 GMT
x-content-type-options: nosniff
age: 745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 820
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 19:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 15:39:24 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E9B3 3 KB
3 KB 26ms
13ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:09:39 GMT
x-content-type-options: nosniff
server: cafe
age: 16930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 05 Apr 2022 11:09:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E9B3 344 B
368 B 20ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 32735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 05 Apr 2022 06:46:14 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E9B3 0
0 55ms
54ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjEYRFBRLYor1MZKLjuwPg7mvoATuuYu9aeX-qaXcD_qd3KDUARABIOeIqB5g-4GAgJQKoAGdk-uSA8gBCakCyLOxO8LOjD7gAgCoAwHIAwiqBMoCT9D1nLJfpgcVMqwaQ_u-XHBO7EtT-Z1s9WKnT6x4bq3jJE55_T8r62jnPDE-ti37iU2HTyhwuU8E-TJCDL0kDYHFlxqaKVxG52mAENru9jYBhnQSBEWvswvtsojvtgbWetDhrldAHdAEMByBurorh6wOiq999CihSVu38vZLOABe_o83DWzGYPuZZpIc5tKk5T8xoTcq9EJ3Wof8yLCBf6k3GlsF0ehUQ19ttdgQ5SCp5c1zEsGYuM-ZZwRq5MaYz1jlOwG5yuJS0mfoZUqRv_NGeunWcsWabLaXZ_2wF316ewg0fjRvWgcwxCiGbDuAUOzVWcn0C_kLXz4oJh14qMg3iPFsaG2FWPgEx1COcSpiOdh7BYu0LAm1Hl0FJwOka3D92xlPoUMtN265WWLUxyxZ265Ohfyjes-JhWDhbdJmk_1-O53q0qF_wATipIOs9APgBAGgBi6AB7rqzJEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5ZEO0ggJCIjhgBAQARgdgAoDyAsB2BMDiBQB0BUBgBcBshceChwIABIUcHViLTgzMjk5Mjg4NDQwMzMwMjQYh7AO&sigh=gv4TGtg_X6g&uach_m=[UACH]&template_id=419
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABBA 91 KB
33 KB 448ms
445ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=4199536445&adf=946561708&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509709&bpp=2&bdt=568&idt=619&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Nr6cGydeN0&p=https%3A//www.istoedinheiro.com.br&dtd=632

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba6c0bee6c2e1bbf83c3e13d6c46152385ef5e07d103f38cc42c18df0f705738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 33495
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
430 B 55ms
8ms Script
application/javascript 2600:9000:206f:ec00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ec00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 00:55:16 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
age: 53801
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: scwhztsHbeKDxpxKJ1QuNj_5aQjVCCNq_PB4lPSvZEJePTZ6BRF4vQ==

GET
H2 200 pmk-202003261.3.js Show response
widget.perfectmarket.com/editora3-istodinheiro/ 111 KB
31 KB 13ms
0ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editora3-istodinheiro/pmk-202003261.3.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editora3-istodinheiro/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e6ee80586d5bb6c4ed6514a09597becaddb44a0d1e18231117a8c7dd0735dd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: jfgRUvZTe7rgyqc7qe_x9Qax5E2dx1._
content-encoding: gzip
etag: "cbbc22c36db5162290bc49be94012f8e"
age: 1576885
x-cache: HIT, HIT
content-length: 30959
x-amz-id-2: AzLs4+XOI0l8l6DTgCbvgtIcwWGPNtiImcfa6QlGlYt8I0OYJIG+p/Pc7kNbIVASZgZ3yHahA44=
x-served-by: cache-sna10746-LGB, cache-hhn4049-HHN
last-modified: Thu, 02 Apr 2020 11:07:15 GMT
server: AmazonS3
x-timer: S1649087509.325557,VS0,VE1
date: Mon, 04 Apr 2022 15:51:49 GMT
vary: Accept-Encoding,,
x-amz-request-id: 58EEB1VNAFXG8Q5N
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 204 b
sb.scorecardresearch.com/ 0
284 B 26ms
8ms Image
text/plain 99.86.7.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1649087510351&ns_c=UTF-8&cv=3.5&c8=Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%27ajudar%20prima%27%20-%20ISTO%C3%89%20DINHEIRO&c7=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&c9=
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-129.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: z3UxIUXAwRTBOOr6c4PiUCKX3pkSaPqF-9WPK5t-9qEoOIh9RwxMDQ==
x-cache: Miss from cloudfront

GET
H2 204 b
sb.scorecardresearch.com/ 0
283 B 19ms
11ms Image
text/plain 99.86.7.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1649087510356&ns_c=UTF-8&cv=3.5&c8=Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%27ajudar%20prima%27%20-%20ISTO%C3%89%20DINHEIRO&c7=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&c9=
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-129.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: gab9pM2KJBgGMtxSZhh3E-6u5q39EA0INs-rD-L27Df9Nl-JQhsxKQ==
x-cache: Miss from cloudfront

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 32ms
23ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 04 Apr 2022 15:51:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 json Show response
trc.taboola.com/editora3-istodinheiro/trc/3/ 55 KB
13 KB 887ms
879ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editora3-istodinheiro/trc/3/json?tim=15%3A51%3A50.433&lti=deflated&data=%7B%22id%22%3A583%2C%22ii%22%3A%22%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1649063128187%2C%22vi%22%3A1649087510430%2C%22cv%22%3A%2220220404-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F%22%2C%22vpi%22%3A%22%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3236%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A10%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2727.421875%2C%22mw%22%3A939%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c686eb65c61f1f16573d3ae0486463dc7f1a9b6e9d383e737a23392b940e5ae3

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 867
date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
server: nginx
x-timer: S1649087509.417300,VS0,VE867
x-served-by: cache-hhn4083-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.istoedinheiro.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.istoedinheiro.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.istoedinheiro.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7FE 105 KB
35 KB 440ms
440ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1592119126114388&output=html&h=200&slotname=1648434458&adk=1933033968&adf=3828634993&pi=t.ma~as.1648434458&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509711&bpp=1&bdt=570&idt=731&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=2&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=CGuyzHHzL1&p=https%3A//www.istoedinheiro.com.br&dtd=736

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7eb91b9a29d0b3a6ed8a1145f760a058137738126e1c9554c28dd3549a91d946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35905
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0073
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCFvUvcQFoYlkKtYGVCdhQ&google_cver=1

43 B
1014 B

50ms
22ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCFvUvcQFoYlkKtYGVCdhQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhiJ5I-_ATAB&v=APEucNVi4zArQok9MWAKkgHqtIi5v2CUv5ZwX0DZknEWBn8CiR13nf13-n7jJEkJlsho2YnctjC0k2Onxz5lnmbMZaKyftSz3VjXlYJF5pgicqtE54MBMVN3aWgvzCxJP2qTcB5uP3AvhFBt2c1ROGV0A2Ft1Q3yLQ9H9rchPytVVh0PakYSt68
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 15:51:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Apr 2022 15:51:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCFvUvcQFoYlkKtYGVCdhQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0073
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YksUFZ5gaUOHZO5nt7rV.wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCFvUvcQFoYlkKtYGVCdhQ&google_cver=1&google_hm=2

43 B
894 B

24ms
24ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCFvUvcQFoYlkKtYGVCdhQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhiJ5I-_ATAB&v=APEucNVi4zArQok9MWAKkgHqtIi5v2CUv5ZwX0DZknEWBn8CiR13nf13-n7jJEkJlsho2YnctjC0k2Onxz5lnmbMZaKyftSz3VjXlYJF5pgicqtE54MBMVN3aWgvzCxJP2qTcB5uP3AvhFBt2c1ROGV0A2Ft1Q3yLQ9H9rchPytVVh0PakYSt68
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 15:51:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Apr 2022 15:51:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCFvUvcQFoYlkKtYGVCdhQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0073
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM1QQP71Y1dnsqSc0llMdVQ&google_cver=1

43 B
1013 B

27ms
13ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM1QQP71Y1dnsqSc0llMdVQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhiJ5I-_ATAB&v=APEucNVi4zArQok9MWAKkgHqtIi5v2CUv5ZwX0DZknEWBn8CiR13nf13-n7jJEkJlsho2YnctjC0k2Onxz5lnmbMZaKyftSz3VjXlYJF5pgicqtE54MBMVN3aWgvzCxJP2qTcB5uP3AvhFBt2c1ROGV0A2Ft1Q3yLQ9H9rchPytVVh0PakYSt68

Protocol

HTTP/1.1

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 15:51:49 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2d6a8aab-0d69-4b9a-aa8a-fc2309e995af
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM1QQP71Y1dnsqSc0llMdVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0073
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4NTQ1MjIzMDAyMzQxOTY5

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4NTQ1MjIzMDAyMzQxOTY5

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 15:51:49 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1f6901eb-4b72-4522-ad67-865298bfa34c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4NTQ1MjIzMDAyMzQxOTY5
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame A186 25 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C45sR-2IFqMZLCQmMNtO8JZVhTSjf3Ks0SSuPb8DG291ee6WDIYQdnSiZaw2A0G_ERwOqormG0skOkS83AjM10SZT7eg&cry=1&dbm_d=AKAmf-C1Mzf95Svvqtppz6YAHl5IGBsUyN0xS4lBo8Hqcy4CGcOsmUwJmUZ5xnLzC5bPMokgMZeAqHn23xrGR4m-NaiE67h_qAdUGsrVjvUzeXDBNQ0rPUGDaIz1Ehqbi26SR3MRTDyRG9eBrzjSQyPzqONSY_1QIlk6AEDk6N5ehXyzzrnn9ZqK2QIix4XRlnBRVKxAMb9tBwAaepx2gUB_eqj4qUTc0K3yB_dOAbx_nzLNZLAtUc0tl2tCU-Y1oENMg3sd9sNgHrhUgN0Q8-eL0jjBtPcKBFds-0_V0ljlSFFVgXrFSTeRTlY_O4Miull89FLq7sbE-8LY9dxX_y0sjGL-VU9aWi3Yzu0vtEz81GlxPtr7XSA7rpckTKx3G4TLAiS6awAJtf8WxX9kbrW2WcMQcIobsQsZRY73vehCFhyqBhdCV5jOZOtwssJV4CqGWZkNPZTLqYHqtV7qGr-jf4JYu2H6dJxxIhTVDA8lY6U6724tUZWWX5TpGHE8dQl5Ri2lMl-QARfNz1zNTJHfYzpPNqeoRVHzPhCPoNqE62PlH6eKEggIQhsd1TSGEZnBOojmdcJe6FNMRFqDNh0_ajoS0rtN4wP4lQbs_CvpvwFQxXulYXMtkZrO3XZhRSYvDl5v055ibRnQeevi9HkXPI8Ckbgjuc2LqcHVdDa8UtYCPUZaWZGtnbi0wxghLxpgCrLHMFj9bK8HTaA5kgW0ACcyliJ-hHN0tSgunYyyUNmUlaLqXAS2A3SWT9j3YwkVF1F-zm4kytc_XAWwS57fYoZW9I8nXzKqUIyjmiRUUZLn5WxNXbI1eVD1BddPA9dRAfsTp73V3fEIthxacqaw9Y4_3OZRe8lLJbgJZUddbw5pi69ffdT8N70uS67iJkWYn_M_BlOqZh9K2ansVAhYs0Udz3NDWzIT_gFdtUkdcHA1sEPuF2CoAJ9v_nSh5gmrbql9dULhFr5iMSsh3pAsxtFVP717aU-rUwhE1oKTSd5LP2Um-PPG8urtaXRbD51Rt6daeLr2w1DRq9bqowPSm1PlI3OlBRDHdAAXAoFSB5ajBDwUw_rPdq3Kw319MSULRJeHlz67M3P-0GkF_-FKnECljkjClhM5JSVCBNfrKL-Mc84tOPPRkmOSO5EEbc70LsxUtvIUkXlIIP2Une8L0odBw15AUD8yu7a5ybUpwYDa6YK2g8PcnoizPVoKvU3uTenpzD4VIe1LhbrqwaRo2-J9i2kpu9Ikf31BZD7IKs5iDFCv2GPyLA5bgduP8qZHDUKKb_ynQR3DbNnpYbnQm142JTK0bC1CarvwHKWdiAO61qDB4hJUiQm2nCxFIKH4KjVHxB3XYij753z1XbtqOEno5Xc8_HE_NvA1Avhz3PQ8Ur7j7qNCz6xv2prrp8rvie6QT-Ru6FJMVQnPtZ9FDk6BKaT9MUMTlq5lRxd5Z_Vpxh4k1X8GYuIW7saNySB2aIZ1dtpRMeP4CaJGmVP0AmeclVqMQ9RRXlYoOme_3kRMVPT8-JpuiNARQL40KmGQVWqYe0M6sB6SwtsuJrYXZ1v4k27c-DkmUVimAtc4nE8H4OT8IfACP58mbVRjHu5ssiGireN8JO1IimJBW2TILjdoAe0pmM1Np3YkqXGMFKg97fUGgodEUGPXWkZJirMY-JXNh8-ilRTuRzbA05k5FlIac8R40OnYEyJe4omwasROxK81EJtq2zRFAxiwb1o4L6hdHaw6wmOaGgGAYUfo-mOfibadtkQFYOk_WPexkEaD4snq-ac2k674wnSrmZLXqwvoD0_wu0ATYzduXUudZybrEGoTX9r0GJxyDeQ92Nebis2fw_R2Vwsh4BrdslhJLdoEOPu-7QNa8guChy2bPxZ0ZTC3aewQVrvUJ0hnaboxoOhz_8KbOVRR3GOX3NKPOuFqRGSIWzNaoTvHg57Ly1mXP9XiK5XQjyI5cysW0K31AM1JQS-y6O_MqfjO2UPwiQhIluQCWN8nAWYbSsju7rJZFb4bNVmjfwOCgAOgz0Yl_Bf_tW5PcLqR4PX9Jy5HI03h2Y3Hg2VOkRetww44KG0VXkg8hJng983nyIuTgGOyWg9dOIennvecYi0_bQuCzsGHGs8zs6Cwj1Xyx7BFW6aVNcE2D4-mogH002Uhn9J6zLgyjmnlmW4G6pGBkHQAb1bJZeI8sn_2_XGbPBEnGCIokgvak6wYpCDheDDtbxQwu0vbS9ZC5bXZvWGWy91nRxz051SBsc9QnvaOni1YAUVTjBsXE4EH31_RUfuJaZVGCgsc3ejCj2siKAygxf8HQpU1QY35sEarT2v7izjFUCi4mPiwUkIkL-jNSb-90yF5YsczniVajVIXKqjE-zzXIvWqJJK9guMHS3Ze35bPNzmTgtiOuKwjOqF1XWuzI6D5ldkdoxErk1r3TfKJ3vXk7IFIugYNtiOsHOe5wo3pdUxSXRKXbnFQnTlSS9wCzLHUhepkkQczyrXvkhBWaypiSL0gYNWt4puYGADTlxvX1tNFndjMjKTNquKqU7cJunNZnrm1uMsCvZAykWGeEqtN_FudA0I-U56KdkE4xXEQ9pn0wKokQFSHNDsVxXXF1lNyC7KPnx4STZ2N5mPchXEI2rAjZPmP3nOjPAX2cE4GfK7FqmaM6kYBCNeSNnKaKVCZOHCfrsIxwRmy3kXBz4LjasFs_RbQg8YvuE0_qfqif2NHJ4YI3QdBGuB_IpB2AaE2SuIJ6ReC-0u0DjsnaxPIYidlBdyKZY8ohkjLcZ1KV3t3DfOsD-YTIp6eGJwqjOUFXPRCZz7fvZh2Cu5Tt1F1lduzImezYPZlml-IdYIsgG-97JoW59x6v9gWEjwun3TO3JxuC3u9tgwsr_oZQX1wMn1dOnmf-9t3hCDmcbIqr-4h4fVYemJDX85INQgv1HRA7Y6iprxbJkcGFUID4FlJLMzsOibkn6j0h6h8R-5RJ3pm8DDb5X-dP0jeqGEWb8XPrZ0c1m3ls9va8j9k1oLKLfjVV-zrcF09x4CGsiQQmFwkIluMf1wpjLwXMYGPmT3NdoxCGqOXvyDDmmYGXvhm95C0nDRVesOJVCX4xEgmbol_GjTO1gSRcn99rUjZ9zxwxzaUILeBOX3j1ktT1fmJWJiSek66O0qW023a04BOySAtZHvzeDueCcWkx82SP7zwji0bgHk1G9mYzt5pXstBdgXYukpxiA8USvslVMjjSmXPfv7M8klnneE5YdGL9i6sln-MyWz5yozO_gMT4Gjql8OmU-inXdUJWsYibk4GjYsucUnmWChtOJ6iCn-dHSTOspmZmRs&cid=CAASJ-RoYa1pq1FggUMEnTE2Z0idFQBMEIIWkJ1GmcVEJwgGwZXKhW4mcA&rfl=1%2Chttps%253A%252F%252Fwww.istoedinheiro.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:51:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame A186 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:50:32 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A186 0
622 B 93ms
55ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssi7sPmArRIBCJpWdCA8w3ddknEvvwAXbsyO-JiQnkTpwXO9yCo6EnPDGGfTFbzPaof9DPUKUdebH152ruMmMS5dwgLxG-YP9aFar9gL4w-J_frW_O7dwyGsXYi0_lhRRjL7CsSbyQgd9uFYayU8fP5AtXyzi5T4Lr2xWRsBp6OCHpRfvySI_G8o_bfsCpOWiX81U5b4ksASunyuiMQODGwMsQIYdy1t_JCWaE37YHw8U98MASGNgUMo7KNPoDXw-aEV3xrFFVzHqOR7Ej09qiMc-ieJgTvTW3REWHUj9uhWyL_G1P6Zd6wQokbpIU7AhCdLGFamyAV0kWKBem5sSQ77RpL9kw3KavuOO0Y6rcpwjmbMRH4QwybU8325WsWljqTE7RhXdUHgGZ2_liZT_678lTdT2taIWWHM262X6UTkIEbIJ9HJGMlSf_LMsH3KNjbnulqp6c1eg3NWeaGGBhp9TLRScTiqhMAeWNKl_JLlbAaBVkb9pwjgoa1RUCxPhGc6WxoMTMkBgWSI4L1kKh2NGMOvt3Z92cB1PM-JVQ3zkdkOQLpkYGZPPH6yCWKOriIWUsHcIJeT6rKlPN92qrjIu-5b4hQKZEob88uhqjXlFdfXkqMddiowGDr2ZqaxP_Wm3z3SNMfubSdAcnmZd6ukNNQ1pQ47G8BtKmEueuEBOlfx4DbqBlzassN_lpr225K0RsbhvB3k__sg24_7gTQ4cppT_AEDyTe2dfuQyXEU3iQNANcxcyP8-V2VMdyOcLshnxbGxxQsBu67qAUqr6UibZuRIEe25HnPAS9RMJ8-xuv_Xtz_m8LDREV50MGsU5W_PqH8HO3HR2ZrypH2uap6tBOyFOEfe6f9t3rKDXR1u4KirZU5BXgpMk6V82E-a28x4lk-jFVHe826Ru26Gcht3sgv9YSOtrjS4w7nd_aGet2YFgXBV0oku2HiTtGvAeZMTU5lPBwhgtNqgn9iFYlg66sKTW66eLkh-dNCT8iXMQCZLcYbWmELKSwodT3Ri-uoNcYEVSyK1f9WR852ptSz_UigluLBYDnx1JSrY-aRcV4vXDjy33bskz1VO6eYKorod2Wlql2LcFxhjwaKi1XNcUhPs935l_gUoKUqf4HHrorZh72O9Hd9UKdiSjv1BsPOhk-M9vXDCC00wuPhJswp8VomtPhy91_dDpLy9-UH2fFlQwdei62wc7lKeVmk51emms&sai=AMfl-YT1KHzTtgIc11dhepCjkhzuE8ymRQproPfX1Bx9B1KsNK-kXT3V_Zr-zZyVcj1H4pvGGKWXzp25RUUlEghO_6jBcSlhxZY-bRLe0pyNLYrwTgd00QjiR0QYdntOjmgyGqI3_wKrmFxm3uEtEe45U5ObiY5JvE-K2UkG9tvcJdFNI0FQv6PvWf6WaI8P7bfP73J4nPXdH21AdGVaDnn9FRukmaPXJdg&sig=Cg0ArKJSzLBEsnXhup_KEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220330.97621&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A186 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 06:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Mar 2023 06:39:14 GMT

GET
H2 200 7513966770160157094
s0.2mdn.net/simgad/ Frame A186 49 KB
50 KB 79ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7513966770160157094

Requested by

Host: da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
URL: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e75d7edc410eab9c5ff0e0d8fe8d3f8ac25ff47fe0736e7ba765108053c7c360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 19:04:36 GMT
x-content-type-options: nosniff
age: 161233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50352
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 09:46:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Apr 2023 19:04:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0316 105 KB
35 KB 468ms
468ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5f90e71fcfbecb85bd54fc723b32cab2e634ee9fa76e29e0652a924bc6ae7af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36198
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 45 KB
9 KB 102ms
51ms XHR
application/json 99.86.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=8041&url=%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&charset=UTF-8&ch=15&ref=www.istoedinheiro.com.br&viewerId=null&referer=&_firid=17852373
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-88.fra6.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 90519fd7ebabab466f1d113002135cbd29f89ed50dcfd7bd6a4e76b70e4e06a4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-powered-by: PHP/7.3.23
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
access-control-allow-origin: https://www.istoedinheiro.com.br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: XLBZhSaYx-v_eIC7Kjwjcwp1pajcKozpjV-L7JhYmlDog41EMek7GA==
expires: 0

GET
DATA 200
OK truncated
/ 639 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0f391ab75cba9d5aa613d22978356c35d3969320065331fa8360e72506811c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E5FB 105 KB
35 KB 461ms
460ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c16949f9e7ef14ed42ab072cf4dc4177c79c2f56a0cde4c89c5866dc37902cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35822
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=524206535;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F;uht=2;fpan=1;fpa=P0-173652035...
pixel.quantserve.com/ 35 B
372 B 19ms
11ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=524206535;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F;uht=2;fpan=1;fpa=P0-1736520355-1649087510590;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=istoedinheiro.com.br;je=0;sr=1600x1200x24;dst=0;et=1649087510590;tzo=0;ogl=locale.pt_BR%2Ctype.article%2Ctitle.Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20'ajudar%20prima'%2Cdescription.Quase%20tr%C3%AAs%20anos%20ap%C3%B3s%20o%20ex-ministro%20S%C3%A9rgio%20Moro%252C%20hoje%20pr%C3%A9-candidato%20a%20presidente%252C%2Curl.https%3A%2F%2Fwww%252Eistoedinheiro%252Ecom%252Ebr%2Fhackers-invadem-instagram-de-mulher-de-moro-e-a%2Csite_name.ISTO%C3%89%20DINHEIRO%2Cimage.https%3A%2F%2Fwww%252Eistoedinheiro%252Ecom%252Ebr%2Fwp-content%2Fuploads%2Fsites%2F17%2F2021%2F04%2Fdinheiro-fa%2Cimage%3Awidth.1200%2Cimage%3Aheight.630

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.istoedinheiro.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.istoedinheiro.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0A7 26 KB
11 KB 352ms
351ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bf1c1ac131e1295d78abe87ccd18d5deb7a85a8dce6b79c2fece1b709103892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 11413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-4663753467999594&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220403_113627&sat=1649076564984&afm=0&as_count=5&d_count=2&ng_count=0&am_count=0&atf_count=3&mdns=0.522&alldns=0.522&allp=62&pgh=3236&abl=false&rr=n&su=www.istoedinheiro.com.br&pvc=2759338911394495&r=0.1&eid=44759875%2C44759926%2C44759842%2C31066008

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A186 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a6b16cf8627f4330a8c1015ce34b308bf787d50d9197582121fb5ac788c843d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ 312 KB
115 KB 49ms
17ms Script
application/javascript 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://www.istoedinheiro.com.br/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:57:00 GMT
content-encoding: gzip
last-modified: Sun, 03 Apr 2022 15:31:49 GMT
server: nginx/1.18.0
age: 3289
etag: W/"6249bde5-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: IY_UgpNaKLPXMWDgTSeiewVyfKPGV7a5OOd113pLrQ-smljS4S0I0A==
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
expires: Mon, 04 Apr 2022 15:57:00 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 26 KB
9 KB 57ms
24ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.istoedinheiro.com.br/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23380
x-jsd-version: 1.13.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f6b3527ca9f2355-ZRH

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 22ms
21ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

abfb1f15c2cb3df79d00d5c685c6840b8f5c91ecebb41650eacb4611aeff6071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
server: sffe
etag: "1177 / 252 of 1000 / last-modified: 1649070350"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Apr 2022 15:51:49 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 69ms
17ms Script
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 307
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1WY74PDQXJAK1BSRXPH4
date: Mon, 04 Apr 2022 15:46:42 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0wLQO1uPnoNqOqiFGLrnQiL7sjjUoQxfpf-0LwR91I6AAOEMFRaRJg==

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A186 0
26 B 59ms
43ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
347 B 172ms
156ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
last-modified: Mon, 04 Apr 2022 15:00:00 GMT
server: nginx/1.15.8
date: Mon, 04 Apr 2022 15:51:49 GMT
content-type: application/json
access-control-allow-origin: https://www.istoedinheiro.com.br
x-akamai-origin-object-size: 2
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 21A9 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 34641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 06:14:28 GMT
expires: Tue, 04 Apr 2023 06:14:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 70FA 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://www.istoedinheiro.com.br
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.istoedinheiro.com.br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 css
fonts.googleapis.com/ Frame ABBA 6 KB
670 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=4199536445&adf=946561708&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509709&bpp=2&bdt=568&idt=619&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Nr6cGydeN0&p=https%3A//www.istoedinheiro.com.br&dtd=632

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:38:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:51:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:51:49 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame ABBA 2 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:51:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame ABBA 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame ABBA 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABBA 119 KB
36 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:51:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame ABBA 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ABBA 0
0 16ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbBN6DZVQ-dIIqs5Cc2ioacVoUEK4sxpCL7J2w-Qyo_RFqU43lgLyHo57S317QVvZ90arH5camPFQLPlIJ1Ku2l02VJg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=4199536445&adf=946561708&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509709&bpp=2&bdt=568&idt=619&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Nr6cGydeN0&p=https%3A//www.istoedinheiro.com.br&dtd=632
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame ABBA 29 KB
12 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABBA 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0VqyFRRLYuzrF5Dij-8Pg-2UsA7t38exaY-z-uDeD7CQHxABIP-i_ldgleKQgqAHoAH8_Pj3AsgBCakCAyEWYrd1sj6oAwHIA8sEqgTKAk_QIouy-tmsPssImhzl1Q2XcUeg6gcScmLVwuJVdzqJXiB97y7fNJ87xKTvyeHELaf-ENFPHCX25riZk8k5jPJrWhijqawc_N_ipQnbVAr6gr7efCsocM80SBDGThA9fx7nQmo8yO-7Fa2jXwFZyQ--NTHGJXojSMY8Nh7gOGbN6XgYt0w8CtcAPevH23lBwO0IOi3-kdFW1ohzTDTEiMD0ULJ_NDLA8TxzER0guH4v46IRvZXXROHTye1uxwqLMqSQkyhx5vC8DWiWkV8jxzIIEynpX1roLXrCkRYjW6FQmB7JAEjAsuMG90G5xEYkXh5x5ff-585qIkQzeTuC_Av7dMEZQQzdtSL_2VIN5IMKhJ7ui2NnHaClwEC_nJUDJsmWQv---iO-pgWOLDrt1_m9g2df4dUt03OZ_vuN3o22NaYekE3mB2XGcMAE5N321O8DoAYugAezpu-aAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMO-AtIICQiA4YAQEAEYH4AKAcgLAdgTA4gUAtAVAYAXAbIXHAoaCAASFHB1Yi00NjYzNzUzNDY3OTk5NTk0GAA&sigh=jD3Hrd38kHQ&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=4199536445&adf=946561708&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509709&bpp=2&bdt=568&idt=619&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Nr6cGydeN0&p=https%3A//www.istoedinheiro.com.br&dtd=632
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 3114497524627790778
tpc.googlesyndication.com/simgad/4406145916702137218/ Frame ABBA 19 KB
19 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4406145916702137218/3114497524627790778?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3505ce10d6a932d3d41af5638324ac77b29f688fa590eddb42d0d8840f639461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 02:20:45 GMT
x-content-type-options: nosniff
age: 567064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19175
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 00:15:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 02:20:45 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6653907961971863081/ Frame ABBA 4 KB
4 KB 11ms
11ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6653907961971863081/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3075f5f3f887fb74f408b00dcf064416aa12c5b02ca0767f97860d837dcada8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 09:37:17 GMT
x-content-type-options: nosniff
age: 454472
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4146
x-xss-protection: 0
last-modified: Mon, 24 Feb 2020 16:43:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 09:37:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D7FE 8 KB
892 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1592119126114388&output=html&h=200&slotname=1648434458&adk=1933033968&adf=3828634993&pi=t.ma~as.1648434458&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509711&bpp=1&bdt=570&idt=731&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=2&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=CGuyzHHzL1&p=https%3A//www.istoedinheiro.com.br&dtd=736

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:42:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:51:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:51:49 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame D7FE 2 KB
909 B 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:51:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame D7FE 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame D7FE 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7FE 119 KB
36 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:51:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame D7FE 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:20 GMT

GET
H3 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame D7FE 29 KB
12 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 63FC 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 8737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D7FE 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdEQ-FRRLYsOJHqTuj-8P0YOkyAbo2-yuaev0p9HgD_nI_d8FEAEg74eoHmCV4pCCoAegAfrwmpAByAEJqQJBmTouKHSyPqgDAcgDywSqBMwCT9DjEMgl9xaOx6s1IUvDK17MUtrmS9jrjS5dX6TP3mvFiF8mKYwdZqmL0OzMoZPTMuGHHWZCmd5rnlFzDWlDEXYD3u5urjb5xP_RaaVqVYIJpOm8f7XHAtXvnFDRUyOAkYegV1tKhdbXnQbdaXL-VaXugthmoYoxVf_H3Nc34rrLyrPPTovN_TSf6Csxi81hhzjcdFw94yKt2nTvrlbe8ufXfInji7waFM3wYm362ZXkHy9xn_B1ia52YddGFOKq7LueCnSM7qjIsX4ew8L4ZJo82sViUFnUaQlorL6iS3-JYfCW-PVBNh6Y7AG_vosLNC6C40Z1DesZ0pBchZoQGqkdmGoAGbT_aH9OU1CnXUo6ZGWjsmSvasaRj1eco9lNuRDL1aoKf-H5QsKWDVS4_T3fQxjSK-Zvc8H-ix1SBCDTjlHN-u66jeo4Y9_ABOqU_4PlA5IFBAgEGAGSBQQIBRgEoAYugAfujuXvAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKzcB9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTU5MjExOTEyNjExNDM4OBgA&sigh=xRpYL-Ov840&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1592119126114388&output=html&h=200&slotname=1648434458&adk=1933033968&adf=3828634993&pi=t.ma~as.1648434458&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509711&bpp=1&bdt=570&idt=731&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=2&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=CGuyzHHzL1&p=https%3A//www.istoedinheiro.com.br&dtd=736
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:51:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame F0A7 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0A7 119 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:51:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame F0A7 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:20 GMT

GET
DATA 200
OK truncated
/ Frame ABBA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5cd8d23da3756425b432e78ca2ec40cef5eb92d1789d5dc7de97d9d9ffdf70d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14355132414417831006/ Frame D7FE 8 KB
8 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14355132414417831006/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb18c61181463be23ca920f9859552dcfeb7d7e1024603f5a882ab2ff29ed66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 21:08:18 GMT
x-content-type-options: nosniff
age: 326612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7724
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 08:46:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 31 Mar 2023 21:08:18 GMT

GET
DATA 200
OK truncated
/ Frame D7FE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D7FE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 0316 8 KB
892 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:06:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:51:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:51:50 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 0316 2 KB
910 B 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:51:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 0316 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 0316 2 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0316 119 KB
36 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:51:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 0316 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0316 0
0 19ms
19ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRujPYFVq-Yf3fvyo9-w7ym7yRIHTU3xTTumO_KPAZz-6rEYlFM8uuwxJ_kWBrZDYvLHjd_AlwjKKaVqW_PCwyRuXeAg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame 0316 29 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 21A9 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 10:24:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F0A7 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cnl4iFRRLYvndJ4KuzLUP4qyZ4AHJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTSgAdW20uoDyAEJqQIRY4ZOUXiyPqgDAaoExQJP0CMwIvPW85KDfYbEQUkScJuIAW5aQANWAkZ4a0tIEBPX16g7x71mhaiw9sQDOZr5RSZwjpwuAth2xVLUV1kcmK5BodmbI9ti2QSZL_nlAOp0_wetbQiLlIvgWuvkc_T9LYJRxCw1dQ2aSe8MZC1-Mt9Q65uDwQactij9D6lBFluNo6jHiqcECFzsFFkwx7yiltiMAaio624xBMwl261OnYnNkyspFAaz0w2BOnHZW6eOy0KS9P9e5qAgV9ieq_EqsJogk-nFmt2ShCH8B1iblBJ6FMqOYTUvCgW7Xol_2YMNWgkmGaBYcdKJKFdSkJMCKrrxmwvRPGzxNjdA2RA45yTLpaWenWW9o4lL94OJ4mopXAEdGNsuI4UbPC1tbpXrTJZSJGI1Zh1kxL3luRDu498hLCwU4ogbWcJWKB8lpo_9-eKqgAaLvozdwK6T2toBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDY2Mzc1MzQ2Nzk5OTU5NBgA&sigh=S9UErCnZn5c&uach_m=[UACH]&cid=CAQSPACNIrLM8NTm9YL5CpfrpfS9RalJ6jsuOqnzsWavodU9bSuGJsnhQMqXDnVTfhZhuc9PwUWKmn7ekfG8ZRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:51:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F0A7 0
0 70ms
19ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UODuEsz6RO8GyAGdg2ICAgAAALEgs9NrGwOxEBQUS2Ij2y5tLmKQhfEDWwAS&wp=YksUFQAJ7vkAsxcCAAZWYuLx1VW9NQ3_UQUMUQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 220132
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D55A 146 KB
47 KB 107ms
78ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YksUFQAJ7vkAsxcCAAZWYuLx1VW9NQ3_UQUMUQ&u=%7CGjnHhBgZWfsbpdQAbHXJ6xTC4mN%2F3oRXiC0hYFtAU70%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8QZR6FdXOmBrvyVVpRhpfwse9jA8bZxuhvZnt5ReJqHhJ6uFWDhgGl-RiUD4XGs5LnZOf9APKAYmertOdVdypwLeDxB-J6Pt1w-UO6rQCsOnkYKQeC0L7msKGJ7lBzkR12why9Iz_iVymCeilAGtRBzN9-8eujaYrCsq3J_loW6Na8xF695Wvi4jmgBvkfIAV6Xshtdlp4dJuqvK1BvbC-7VR4X_XGp_8_yuKILvbODCFtXD9RR9LgH-MH-vFzbRliD7PDoturgcOzB1xQ2SEYSpsyi5T4_KpHDjKzZ7LjnIC9E3wTKrxh_8-X2TYGUqKp6ndRZplcYm9sfj4V9TxWjvpzBJEUpTWcbaB8SHZki2CpGpuorXmNQIzXAbr_C-bkSWwJAbswERfgU0rLy8u7sZua2A1lnVkA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4p6IFRRLYvndJ4KuzLUP4qyZ4AHJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTSgAdW20uoDyAEJqQIRY4ZOUXiyPqgDAaoEyAJP0CMwIvPW85KDfYbEQUkScJuIAW5aQANWAkZ4a0tIEBPX16g7x71mhaiw9sQDOZr5RSZwjpwuAth2xVLUV1kcmK5BodmbI9ti2QSZL_nlAOp0_wetbQiLlIvgWuvkc_T9LYJRxCw1dQ2aSe8MZC1-Mt9Q65uDwQactij9D6lBFluNo6jHiqcECFzsFFkwx7yiltiMAaio624xBMwl261OnYnNkyspFAaz0w2BOnHZW6eOy0KS9P9e5qAgV9ieq_EqsJogk-nFmt2ShCH8B1iblBJ6FMqOYTUvCgW7Xol_2YMNWgkmGaBYcdKJKFdSkJMCKrrxmwvRPGzxNjdA2RA45yTLpaWenWW9o4lL94OJ4mopXAEdGNsuI4UbPC1tbtfpbQTVq_4m2YFwZ23YH-jn99WXJgIMYDzTZGSklwEJvgpXffEVkP4XgAaLvozdwK6T2toBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Jbqi-_xqpwVn8_TYVYJ1rZPKW_w%26client%3Dca-pub-4663753467999594%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a5f52e1684a0166feef0d4d49b3e23e9216dc0f7c5864c5e4a8be39e3199e734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=YuGPwwnM9gk_GZDsnBiFxFWv8LQbkh8pXOWd5k0FzosfyMESLfngHY90e6Iw2xrgCzv1AjT0513eGBxGj_cdYw5gQkyl9mczZQpzjpZHviAftWQh5fYybF4qVk8TSNKsXdvqjVOxYuBz8P0ZS5W782IqyIrzRNhp2tku5l5OSlEer6XKAEhXswxFBRnAmLCsh8Mdl3fMaPAQDkT-e2psx6ZTpNZanRe0-3wd16lvyuMUdBuYqM_Z8PsQ7L4M5jlTNPlYIA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 64033658
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 40FB 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 8738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ABBA 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 424398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 17:58:32 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ABBA 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 424531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ABBA 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 309929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:46:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E5FB 8 KB
892 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:46:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:51:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:51:50 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame E5FB 2 KB
910 B 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:51:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame E5FB 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame E5FB 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5FB 119 KB
36 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:51:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame E5FB 15 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:48:20 GMT

GET
H3 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame E5FB 29 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0316 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWLFoFRRLYr7qIa-m0_wPg9uA6A_o2-yuacv4p9HgD_nI_d8FEAEg_6L-V2CV4pCCoAegAfrwmpAByAEJqQIRY4ZOUXiyPqgDAcgDywSqBMwCT9D64IbHF_oZpbhv8zU659R540stA0yFJpw-m1ckM3SBF6CigZqDjb_TWWbkZY1xPFixOr6eo0oJcOe9xstw0YzH3zVHz4nLHldO5GYqOTHgleonLDL_PGA78_CFmOFNx8EjVCDO4NtDLJpdgx-DJX2VkueHCvrR8T0FaTxIAgEJIhjqsfHtCK8FNDxyvJHSXXjwE1QL7lz_gVa8E46NBiDkNAvyA3_IsDghsJ3jzntHbi3dyK3Tpn-rM12U_lYVYvbub2cke8Mz4IWE5VsRe57YgoQrh9nRTjrebCthDvfu0BQMOymb0souwxudIVLeohPaQAvgUU9uM9zlg_mqABRQkWmrBj24cH-YlRd7g3wD4n9Cbw9DVbmHt89csmBmqGFmmx9DdlciJ6x8pGDi8Ix0tX2wwIlG3wkHd4VZkaD08cTAMEWvcOb4pQDABOqU_4PlA5IFBAgEGAGSBQQIBRgEoAYugAfujuXvAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL28AdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDY2Mzc1MzQ2Nzk5OTU5NBgA&sigh=2N7bOTbvjb8&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:51:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A142 1 KB
749 B 15ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 8738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D7FE 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96af03461ebe42d29a8796d059f22b5646737955e9bb326976be236bcd218d6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4477357869197969698/ Frame 0316 10 KB
10 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4477357869197969698/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80eef32e2c852c478d5f3486e16b77c945b7c6d44a0447e6e15d9574e582d7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:17:21 GMT
x-content-type-options: nosniff
age: 5669
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10211
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 11:07:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 14:17:21 GMT

GET
DATA 200
OK truncated
/ Frame 0316 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0316 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E5FB 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChswpFRRLYqq0JJL-zLUP4pap4APo2-yuacv4p9HgD_nI_d8FEAEg_6L-V2CV4pCCoAegAfrwmpAByAEJqQIDIRZit3WyPqgDAcgDywSqBMwCT9BTqKK3o8nTBF-OlHsl2W4tOvvedPzxt7e21ywEQbmBvA8-IL0SJeDR1eAfkxZyNbyvw-dwPaNCAQVgUvRV3iBcWyE1fR3fuqXuwXgZKZ-76XyoDw_jyykozqXcF046Ho4yEPGSUYjWo9J9jSz7sJOLZnrSN6b58jjnVr3XIofRqQN1aBUybbhOU3iseZ3MO87CSklBbwM-ZFVonKJougchNh9Q5KudK4Vjh9KJVf1seQp94UWSyqRCeG6k-xAr8HUb58xYffdfUGGhXCooxmpLm0wl-ENNvHJBWFgA-1DP14VA01KnlBm-btQuc8g7Z1mgPdaWSKg6ZvJTsZ04FL8LfkUOtW6piRLaW1l-j9Il-ukWZODmKCuthq0UkuheAalIV1_HwBwGE53HlCJQPZgrKVwt7gNLy_7Sb-8gCODaXaR4uSa-cLDSpDDABOqU_4PlA5IFBAgEGAGSBQQIBRgEoAYugAfujuXvAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELC8AdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDY2Mzc1MzQ2Nzk5OTU5NBgA&sigh=Ke4ykaE6__4&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:51:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame D7FE 28 KB
28 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 493508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:42 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4477357869197969698/ Frame E5FB 10 KB
10 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4477357869197969698/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80eef32e2c852c478d5f3486e16b77c945b7c6d44a0447e6e15d9574e582d7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:17:21 GMT
x-content-type-options: nosniff
age: 5669
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10211
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 11:07:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 14:17:21 GMT

GET
DATA 200
OK truncated
/ Frame E5FB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E5FB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0A02 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 8738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 63FC 35 B
363 B 12ms
9ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWod8h-4CwkGncE9xDdRcc&google_cver=1&google_push=AYg5qPJFKv6vzhOOqcAOkYdnc3SQHDX0hJDyhFyKjnb8b0XciIGdGrARjl_yuPPJ3Kp3bppJs4zeDLqUnvjzVbTOAowGubQCIGs

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63FC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEK6hSRGTlDjwhpx240F_bkI&google_cver=1&google_push=AYg5qPJgU6wzLItwdJJjSJSbvO2LS5GAd5Ac5q-LjXiK9N5iQrZcGmGhBIY0gJBajiHcObupaCbC-NeVh-3YB3_gA9Nq6pTM4g
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJgU6wzLItwdJJjSJSbvO2LS5GAd5Ac5q-LjXiK9N5iQrZcGmGhBIY0gJBajiHcObupaCbC-NeVh-3YB3_gA9Nq6pTM4g&google_hm=Q0FFU0VLNmhTUkdUbERqd2h...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJgU6wzLItwdJJjSJSbvO2LS5GAd5Ac5q-LjXiK9N5iQrZcGmGhBIY0gJBajiHcObupaCbC-NeVh-3YB3_gA9Nq6pTM4g&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 15:51:49 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJgU6wzLItwdJJjSJSbvO2LS5GAd5Ac5q-LjXiK9N5iQrZcGmGhBIY0gJBajiHcObupaCbC-NeVh-3YB3_gA9Nq6pTM4g&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63FC
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIzplwB...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIzplwB...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDQxNTUxNTAwMDA2MzE3NjM0NDEwNg%3D%3D&google_push=AYg5qPIzplwBfw03uhP4Cbc3a78EWaz-8X6rIh13-5E9Y0CYp46vhmvEUvklZu9KIja9kO...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDQxNTUxNTAwMDA2MzE3NjM0NDEwNg%3D%3D&google_push=AYg5qPIzplwBfw03uhP4Cbc3a78EWaz-8X6rIh13-5E9Y0CYp46vhmvEUvklZu9KIja9kOqTKbEOJc_slhPvvlUuQQnz5vSr8oA

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDQxNTUxNTAwMDA2MzE3NjM0NDEwNg%3D%3D&google_push=AYg5qPIzplwBfw03uhP4Cbc3a78EWaz-8X6rIh13-5E9Y0CYp46vhmvEUvklZu9KIja9kOqTKbEOJc_slhPvvlUuQQnz5vSr8oA
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 04 Apr 2022 15:51:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMf15y77k_xSw6iteXIKpA&google_cver=1&google_push=AYg5qPL5kNi16iA_yuhKMvBpIajOJh4hn_9CoF6EJB-TABzHjV86w2ZMHVHcos62IxHz10wes7N...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJTlEtMU4tS1RNVQ==&google_push=AYg5qPL5kNi16iA_yuhKMvBpIajOJh4hn_9CoF6EJB-TABzHjV86w2ZMHVHcos62IxHz10wes7N9Q5SFiHWXvuDgpAfsHhLE6w

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJTlEtMU4tS1RNVQ==&google_push=AYg5qPL5kNi16iA_yuhKMvBpIajOJh4hn_9CoF6EJB-TABzHjV86w2ZMHVHcos62IxHz10wes7N9Q5SFiHWXvuDgpAfsHhLE6w

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJTlEtMU4tS1RNVQ==&google_push=AYg5qPL5kNi16iA_yuhKMvBpIajOJh4hn_9CoF6EJB-TABzHjV86w2ZMHVHcos62IxHz10wes7N9Q5SFiHWXvuDgpAfsHhLE6w
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 63FC 43 B
296 B 197ms
19ms Image
image/gif 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOt920i9uDzbT3kclLrCAQ4&google_cver=1&google_push=AYg5qPK4ASVS4VYOT_K47OSpBTDORNXIulOctq3w7GkZk-ylAJniPzk9HEkLMyulgShWD2Su_sq1uArPMFyrq84dgetakWcS2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=4199536445&adf=946561708&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509709&bpp=2&bdt=568&idt=619&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Nr6cGydeN0&p=https%3A//www.istoedinheiro.com.br&dtd=632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 63FC 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 63FC 0
12 B 15ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrnhJLlB7ns3DaRx_YBTHqP3pHhx9X4aeArXFf1R6dN0UqUMC3H_9T4WmVzMZ_MYE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0316 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db94e60ca2ce3648b7cba2149abf8ae04a6f7d22db61b73ba838f58bffac0816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F0A7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a04f41bf2cfcb30941b315ee4d5c39a4c8a334a13d0e4110892a49cf64a398d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 floating-unit.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 9 KB
3 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2306dd0d910337be70c4ab0b8a5b51861b0e018c1a7025dcabebb275272711c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: fYxluaj5MZYnrwi3v4MzFf_Vu2T7X4h5
content-encoding: gzip
etag: "4e7ad6912929957b4f7d0ce1f9c29d25"
age: 24600
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2738
x-amz-id-2: mgbxw61LEbdM1hlZ9rAaz2i7mm7MrWI1yF7Ajdr+TDR+l4ijdeYEEivqaAnjuONBiMnR0MgRJQI=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 04 Apr 2022 08:58:33 GMT
server: AmazonS3
x-timer: S1649087510.383608,VS0,VE0
date: Mon, 04 Apr 2022 15:51:50 GMT
vary: Accept-Encoding
x-amz-request-id: QFP2VGP45XGYM299
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 589

GET
H2 200 tb Show response
15.taboola.com/ 38 KB
12 KB 34ms
26ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editora3-istodinheiro&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&encoded=1&uid=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&variant=-100|1786174044&callback=TRC.videoTagCallbacks.videoCallback1&cb=1649087511413&tagid=&cntry=DE&platform=1&sesid=8eb2fc5904adc7fd43651bf819f681c0&itemid=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&viewid=1649087510430&geolat=&geoing=&deviceifa=&appid=&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ri=c15fd4fe35d804cb3e702b8132fe8163&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1135271&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=TH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1135269&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 579eec9d4d8247e0daea62bc5f444339d5a4c5e498359074c7def6d0cc0c62fc

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
access-control-allow-origin: https://www.istoedinheiro.com.br
machineid: 1484
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4083-HHN
pragma: no-cache
server: nginx
x-timer: S1649087510.392340,VS0,VE20
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9860c4b880e40fd9425f7fc3c39598fc1d636025538057831a7211322ef8bf9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: sD0MkCIFfme40DGMn90ZRwGu2qRZflNJ
content-encoding: gzip
etag: "aa6a990f4919137a26929434b8c2376f"
age: 24551
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1513
x-amz-id-2: MV2hb3OFuU2+58BFD2oLFfaPa3chDygR94fE75wVvHerA/OmtT7i8cJzJoHkOZbm7U90D2whngE=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 04 Apr 2022 08:59:20 GMT
server: AmazonS3
x-timer: S1649087510.387450,VS0,VE0
date: Mon, 04 Apr 2022 15:51:50 GMT
vary: Accept-Encoding
x-amz-request-id: TJZ5607DF3RTYYWT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 6327

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 6ms
6ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 86
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: 3MR2deqwi6dCj5WT4U3BZdNXEBHOC/1YV3NWAuFo6feWGqMxeviuq4Wc660L9qlxloYc8afuSe4=
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1649087510.411155,VS0,VE0
date: Mon, 04 Apr 2022 15:51:50 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: H1FFGYEE1PD6RXYC
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 27
x-cache-hits: 34

GET
H2 200 cta-component.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 360a6ebb9fd281edf03e8bd509e1184f153b2638eac178c96bcf337344f6fa4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: TsOYuEIOEHUmScEOpDdZbaahwr1FZNEH
content-encoding: gzip
etag: "71f74b3860520348bbf5a94371e296c7"
age: 24576
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5252
x-amz-id-2: 3wfvphiEAyJfHmUjJvp9Itk2JQsLeMDACMxEa6K2Rpugty/wY6/KzkXhF/LRTwwJTYaoef/rRRo=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 04 Apr 2022 08:59:37 GMT
server: AmazonS3
x-timer: S1649087510.420333,VS0,VE0
date: Mon, 04 Apr 2022 15:51:50 GMT
vary: Accept-Encoding
x-amz-request-id: 471QP9YV17YRRH5K
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 7996

GET
H2 200 userx.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 22 KB
6 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4de3908746383939025bbea5847e9752c3cfcc44420525a29862361743d9f77a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: ul26_yFnComPVWWVeWjjYBbPHcKR1IgT
content-encoding: gzip
etag: "01bbf1ee8fc4bd4efc2eb775d7779841"
age: 24886
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5730
x-amz-id-2: czz6o881CrsYy0w5VpGCh0+nXOpVG4yc9FYqEpe/6jqYxep72SCTiCULWDeKLwmZnBFoLil/Plo=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 04 Apr 2022 08:56:50 GMT
server: AmazonS3
x-timer: S1649087510.422192,VS0,VE0
date: Mon, 04 Apr 2022 15:51:50 GMT
vary: Accept-Encoding
x-amz-request-id: QA8QSWCV3K5BBPCH
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 9996

GET
H2 200 explore-more.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 20 KB
6 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05dbe6e1621ffd554b4e423f5bb857965c36a5d8583dd44f4f4a5b9f069d788a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: IdZxospa5SorDe1qIlif0qeVWYPmJJt2
content-encoding: gzip
etag: "13aaf7e9f491ee7e3f57d410c3422cc3"
age: 24551
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5967
x-amz-id-2: Zjqc1s6OlfRPm4kqCZ5XwGBI23QpyOHaFaISaA3EjSYtP0dtam16P5zWxRQ8OAUcy0IEtqQtJ9g=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 04 Apr 2022 08:59:23 GMT
server: AmazonS3
x-timer: S1649087510.434689,VS0,VE0
date: Mon, 04 Apr 2022 15:51:50 GMT
vary: Accept-Encoding
x-amz-request-id: EZK1FX0YKVRKYW7E
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 1784

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 23ms
23ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.410&id=8829&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.468939,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 debug
am-trc-events.taboola.com/editora3-istodinheiro/log/2/ 0
90 B 83ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editora3-istodinheiro/log/2/debug?tim=15%3A51%3A51.422&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=8457&cv=20220404-2-RELEASE&lt=deflated&pct=1
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13502

GET
H2 204 debug
am-trc-events.taboola.com/editora3-istodinheiro/log/2/ 0
89 B 85ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editora3-istodinheiro/log/2/debug?tim=15%3A51%3A51.424&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=8135&cv=20220404-2-RELEASE&lt=deflated&pct=1
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13502

GET
H3

200

B26229394.311454940;dc_pre=CIy0kNrh-vYCFcMAiwodMakDDA;dc_trk_aid=504147990;dc_trk_cid=155387237;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD...
ad.doubleclick.net/ddm/trackimp/N256806.279382DBMBITDEFENDERRO5/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_trk_aid=504147990;dc_trk_cid=155387237;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/trackimp/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_pre=CIy0kNrh-vYCFcMAiwodMakDDA;dc_trk_aid=504147990;dc_trk_cid=155387237;ord=[1];dc_lat=;dc_rdid=;tag_...

42 B
63 B

32ms
31ms

Image
image/gif

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_pre=CIy0kNrh-vYCFcMAiwodMakDDA;dc_trk_aid=504147990;dc_trk_cid=155387237;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=istoedinheiro.com.br

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N256806.279382DBMBITDEFENDERRO5/B26229394.311454940;dc_pre=CIy0kNrh-vYCFcMAiwodMakDDA;dc_trk_aid=504147990;dc_trk_cid=155387237;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=istoedinheiro.com.br
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 23ms
21ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=b6e072c737ee988216653781a30589e4&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.428&id=1804&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.470210,VS0,VE12
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/editora3-istodinheiro/log/3/ 0
60 B 22ms
21ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/abtests?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22rendered%22%2C%22type%22%3A%7B%22renderingHeight%22%3A1707%2C%22scrollHeight%22%3A0%7D%2C%22eventTime%22%3A1649087511441%7D&tim=15%3A51%3A51.442&id=1378&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.470322,VS0,VE12
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
56 B 21ms
19ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=b6e072c737ee988216653781a30589e4&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.442&id=2246&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.470393,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
274 B 20ms
18ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=fa68e8c5cbeb5b09b412fb37fbb4e224&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.453&id=4803&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.470469,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
57 B 22ms
21ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=fa68e8c5cbeb5b09b412fb37fbb4e224&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.453&id=1258&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.470535,VS0,VE12
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
60 B 22ms
20ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=80dd1de22e0f9641763a66b4cdae24d8&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.457&id=8714&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 13
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.492943,VS0,VE13
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 18ms
16ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=80dd1de22e0f9641763a66b4cdae24d8&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.457&id=1768&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.493001,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
57 B 21ms
19ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=560403bd640e02fb0be8d4d468d3327e&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.460&id=4943&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.493089,VS0,VE12
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
61 B 19ms
18ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=560403bd640e02fb0be8d4d468d3327e&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.460&id=1092&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.493157,VS0,VE10
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
71 B 22ms
21ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.462&id=6410&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 13
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.493262,VS0,VE13
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
58 B 18ms
17ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=e01eac59639c06d8493a5eb55cd7bc99&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.464&id=5196&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087510.493399,VS0,VE8
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
57 B 22ms
21ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=e01eac59639c06d8493a5eb55cd7bc99&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.465&id=9274&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.511340,VS0,VE12
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 18ms
16ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=e01eac59639c06d8493a5eb55cd7bc99&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.474&id=3356&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.511436,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
80 B 16ms
16ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=e01eac59639c06d8493a5eb55cd7bc99&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.474&id=9679&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.511709,VS0,VE8
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
273 B 19ms
17ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=040e21a3ef026a4851be1a1a47aa6026&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.476&id=6718&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.514114,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 18ms
17ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=040e21a3ef026a4851be1a1a47aa6026&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.476&id=6124&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.514405,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 18ms
18ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=ae6189b7df994b35939dc3b0b5244387&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.480&id=684&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.514560,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 31ms
30ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=ae6189b7df994b35939dc3b0b5244387&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.480&id=3861&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.542076,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 30ms
29ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=be4cc4f38a344aa4cb25469ccab59fbc&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.484&id=6455&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.542090,VS0,VE8
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
59 B 30ms
28ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=be4cc4f38a344aa4cb25469ccab59fbc&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.485&id=9817&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.542110,VS0,VE12
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
57 B 31ms
29ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=1ec6dc3261af23a72a8bd76e632afc2e&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.488&id=7057&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 13
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.542115,VS0,VE13
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 27ms
25ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=1ec6dc3261af23a72a8bd76e632afc2e&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.488&id=3508&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.542131,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 26ms
24ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=5af94a5b43e0ca5c04696838147e61d4&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A51.491&id=2205&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.542226,VS0,VE8
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
55 B 25ms
24ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=5af94a5b43e0ca5c04696838147e61d4&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A51.492&id=5801&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.561796,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 0316 28 KB
28 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 493508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:42 GMT

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F75 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 10:24:17 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D55A 2 KB
1 KB 67ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YksUFQAJ7vkAsxcCAAZWYuLx1VW9NQ3_UQUMUQ&u=%7CGjnHhBgZWfsbpdQAbHXJ6xTC4mN%2F3oRXiC0hYFtAU70%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8QZR6FdXOmBrvyVVpRhpfwse9jA8bZxuhvZnt5ReJqHhJ6uFWDhgGl-RiUD4XGs5LnZOf9APKAYmertOdVdypwLeDxB-J6Pt1w-UO6rQCsOnkYKQeC0L7msKGJ7lBzkR12why9Iz_iVymCeilAGtRBzN9-8eujaYrCsq3J_loW6Na8xF695Wvi4jmgBvkfIAV6Xshtdlp4dJuqvK1BvbC-7VR4X_XGp_8_yuKILvbODCFtXD9RR9LgH-MH-vFzbRliD7PDoturgcOzB1xQ2SEYSpsyi5T4_KpHDjKzZ7LjnIC9E3wTKrxh_8-X2TYGUqKp6ndRZplcYm9sfj4V9TxWjvpzBJEUpTWcbaB8SHZki2CpGpuorXmNQIzXAbr_C-bkSWwJAbswERfgU0rLy8u7sZua2A1lnVkA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4p6IFRRLYvndJ4KuzLUP4qyZ4AHJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTSgAdW20uoDyAEJqQIRY4ZOUXiyPqgDAaoEyAJP0CMwIvPW85KDfYbEQUkScJuIAW5aQANWAkZ4a0tIEBPX16g7x71mhaiw9sQDOZr5RSZwjpwuAth2xVLUV1kcmK5BodmbI9ti2QSZL_nlAOp0_wetbQiLlIvgWuvkc_T9LYJRxCw1dQ2aSe8MZC1-Mt9Q65uDwQactij9D6lBFluNo6jHiqcECFzsFFkwx7yiltiMAaio624xBMwl261OnYnNkyspFAaz0w2BOnHZW6eOy0KS9P9e5qAgV9ieq_EqsJogk-nFmt2ShCH8B1iblBJ6FMqOYTUvCgW7Xol_2YMNWgkmGaBYcdKJKFdSkJMCKrrxmwvRPGzxNjdA2RA45yTLpaWenWW9o4lL94OJ4mopXAEdGNsuI4UbPC1tbtfpbQTVq_4m2YFwZ23YH-jn99WXJgIMYDzTZGSklwEJvgpXffEVkP4XgAaLvozdwK6T2toBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Jbqi-_xqpwVn8_TYVYJ1rZPKW_w%26client%3Dca-pub-4663753467999594%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 15:51:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D55A 2 KB
1 KB 65ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 15:51:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D55A 308 B
636 B 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 30 Mar 2023 15:51:50 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame D55A 507 B
835 B 21ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 30 Mar 2023 15:51:50 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame D55A 43 B
348 B 55ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=07yBxVJvV221ACHSFaRT_jhUUdAbcuPVBm0asJ3FXga4NLgCX5MNUVcMgfSqXj7i7AC5LpElaAz5pSkOYQmUtjh9QJEqnVd6-5Mm_J0LgjvWe4-zXvf7T6jdFrZag0NZMUoGDyECd_fZVr_L3Nnj3ntcfxr1ElFoZKdNSwog_G8jl_E10UuusbBAKjk9wNdRh8lF919CDozCzry4TI4sTlZHyEMTXg9nVh1M4GAbxj2aibr4ok3zODCuzM4VzNxG7RO01BZMBKE0l3LrVSFpm7HKeTAbFqV9fH4MWVDh3iaYtvMgLF8kCMEWaBzbidX9f70656NzWpZH6IYKLotoM6SkYeDP8ErAi9Ln1urmS52iBTvNABj14YtCavBGNCYFQJ8as4TPWmsBeJ2sSQiyYLlDC4aXb3_m5Wk21jndgKIBW3so9QeFk0p3pSv-fIJ8eFCapA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2838762
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40FB
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEK6hSRGTlDjwhpx240F_bkI&google_cver=1&google_push=AYg5qPKgiCESWFFFV76hy1vWaazHjc9uTXSMbE40fS7MRYdL9scKpV_xFJp7t9Wb6RHTgx9AbUMa6bha_jiAytW8zOtpA02DVCU
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKgiCESWFFFV76hy1vWaazHjc9uTXSMbE40fS7MRYdL9scKpV_xFJp7t9Wb6RHTgx9AbUMa6bha_jiAytW8zOtpA02DVCU&google_hm=Q0FFU0VLNmhTUkdUbERqd2...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKgiCESWFFFV76hy1vWaazHjc9uTXSMbE40fS7MRYdL9scKpV_xFJp7t9Wb6RHTgx9AbUMa6bha_jiAytW8zOtpA02DVCU&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 15:51:49 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKgiCESWFFFV76hy1vWaazHjc9uTXSMbE40fS7MRYdL9scKpV_xFJp7t9Wb6RHTgx9AbUMa6bha_jiAytW8zOtpA02DVCU&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

1000.gif
id.rlcdn.com/ Frame 40FB
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPImrkPL99swl501DDlWKnUDhSqJZlaUtp9WRXTfua-QLOhI8lSQdwb9zaSwIZQuDdqj61YHlU0-P9Y3WgYvxrPTRR233Q&google_gid=CAESEAB9CavVvxr46vCty6oOLck&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJaorJIGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJbXJrUEw5OXN3bDUwMUREbFdLblVEaFNxSlpsYVV0cDlXUlhUZnVhLVFMT2hJOGxTUWR3Yjl6YVN3SVpRdURkcWo2MVlIbFUwLVA5WTNXZ1...

42 B
317 B

16ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJaorJIGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJbXJrUEw5OXN3bDUwMUREbFdLblVEaFNxSlpsYVV0cDlXUlhUZnVhLVFMT2hJOGxTUWR3Yjl6YVN3SVpRdURkcWo2MVlIbFUwLVA5WTNXZ1l2eHJQVFJSMjMzUQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJaorJIGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJbXJrUEw5OXN3bDUwMUREbFdLblVEaFNxSlpsYVV0cDlXUlhUZnVhLVFMT2hJOGxTUWR3Yjl6YVN3SVpRdURkcWo2MVlIbFUwLVA5WTNXZ1l2eHJQVFJSMjMzUQ
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40FB
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ-Tbh9...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ-Tbh9...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDQxNTUxNTAwMDAyMDQyNTI2OTI1MA%3D%3D&google_push=AYg5qPJ-Tbh9z0C4daYVM8EdSMNpKPnrBzor_Ey2N5NJiWj-8ALYQyKrrBOV4k3QXVWQ3L...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDQxNTUxNTAwMDAyMDQyNTI2OTI1MA%3D%3D&google_push=AYg5qPJ-Tbh9z0C4daYVM8EdSMNpKPnrBzor_Ey2N5NJiWj-8ALYQyKrrBOV4k3QXVWQ3Lxp5LUXewOwKSnEaCFISFehuY_vdx4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDQxNTUxNTAwMDAyMDQyNTI2OTI1MA%3D%3D&google_push=AYg5qPJ-Tbh9z0C4daYVM8EdSMNpKPnrBzor_Ey2N5NJiWj-8ALYQyKrrBOV4k3QXVWQ3Lxp5LUXewOwKSnEaCFISFehuY_vdx4
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 04 Apr 2022 15:51:50 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 40FB 43 B
350 B 63ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDhK9X2uT1MEr08MLqZ5lSw&google_cver=1&google_push=AYg5qPLdZzO8WSw-M7waZOzxYuyI_X-mMkrygpF3YDMh6mKuSFa9NpGXgzYXwhgquYyAZfEhTN30H7b0B30rjCmSNAcXUhp4uoE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:49 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: s2882ckh7a1pdr2vbus9godtjtaga3jd

GET

pixel
cm.g.doubleclick.net/ Frame 40FB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY6...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40FB
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOt920i9uDzbT3kclLrCAQ4&google_cver=1&google_push=AYg5qPIddyN72hWKW4vDsVlkGDXqVLSO2ILl33ZcJCzEw6E7Bpxaf9v05IAqL5IZF80sMHeIevmMWZOk3vrfTCSAageKbGZ9zw
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIddyN72hWKW4vDsVlkGDXqVLSO2ILl33ZcJCzEw6E7Bpxaf9v05IAqL5IZF80sMHeIevmMWZOk3vrfTCSAageKbGZ9zw&google_hm=eiSBDR0EQKOVIsj-O-...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIddyN72hWKW4vDsVlkGDXqVLSO2ILl33ZcJCzEw6E7Bpxaf9v05IAqL5IZF80sMHeIevmMWZOk3vrfTCSAageKbGZ9zw&google_hm=eiSBDR0EQKOVIsj-O-9D3g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIddyN72hWKW4vDsVlkGDXqVLSO2ILl33ZcJCzEw6E7Bpxaf9v05IAqL5IZF80sMHeIevmMWZOk3vrfTCSAageKbGZ9zw&google_hm=eiSBDR0EQKOVIsj-O-9D3g
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
cache-control: no-cache
content-length: 0
request-time: 2
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 40FB 0
12 B 16ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J9bzu9G_AqW7CLl4eeU2aFX-K-qSb0enAfM8SDP9qC3Y656WfCCJuw1YrQtefFdg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2523654991&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509714&bpp=1&bdt=572&idt=885&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=A9tUbY3ijK&p=https%3A//www.istoedinheiro.com.br&dtd=890

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 social
am-trc-events.taboola.com/editora3-istodinheiro/log/3/ 0
230 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editora3-istodinheiro/log/3/social?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Hackers%20invadem%20Instagram%20de%20mulher%20de%20Moro%20e%20anunciam%20venda%20para%20%E2%80%98ajudar%20prima%E2%80%99%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Estad%C3%A3o%20Conte%C3%BAdo%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.istoedinheiro.com.br%2Fwp-content%2Fuploads%2Fsites%2F17%2F2021%2F04%2Fdinheiro-facebook.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A51%3A51.609&id=9571&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 30ms
29ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 41ce4cc74582de929a55e49d724a6176a627842abc8da4034061f96ad37e6a51

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
access-control-allow-origin: https://www.istoedinheiro.com.br
machineid: 1444
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
pragma: no-cache
server: nginx
x-timer: S1649087511.588328,VS0,VE21
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 e3514786fc47badb667a8af7c92254b7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_570%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 48 KB
49 KB 14ms
14ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_570%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3514786fc47badb667a8af7c92254b7.png
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05e9b8e1c8204f72012ca7c6b1365311e1d7bb24e4893b529f2e05faa116678c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 953836
edge-cache-tag: 436974928201002823062998697534448679075,570022498201029664083002632265968085468,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436974928201002823062998697534448679075,570022498201029664083002632265968085468,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 94
x-cache: MISS, MISS, HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_570%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3514786fc47badb667a8af7c92254b7.png
content-length: 48998
x-request-id: a9874c9ad6dba881f7ef498d99b0e656
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 24 Mar 2022 06:20:52 GMT
server: nginx
x-timer: S1649087511.588678,VS0,VE1
etag: "71bdd4ca4cb7cc4b5eeba2481a69e208"
x-served-by: cache-iad-kjyo7100120-IAD, cache-iad-kiad7000088-IAD, cache-chi-kigq8000144-CHI, cache-iad-kcgs7200174-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 b5cb62d0ea2a7d272880f989f1a9854e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 55 KB
55 KB 17ms
16ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5cb62d0ea2a7d272880f989f1a9854e.jpeg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 29821da70acbfa2c125e281dde92274b9bae08f9138f773d8e359e3c3117f109

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 15791
edge-cache-tag: 455243054276472532257402421345695129474,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 455243054276472532257402421345695129474,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 502
x-cache: MISS, MISS, MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5cb62d0ea2a7d272880f989f1a9854e.jpeg
content-length: 55938
x-request-id: df1bd82ef2cfd9d0ff1ff6478644543f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Mon, 04 Apr 2022 09:56:44 GMT
server: nginx
x-timer: S1649087511.590069,VS0,VE1
etag: "1ac2ba9b62bd7245c026a2d9c7b7b730"
x-served-by: cache-iad-kiad7000060-IAD, cache-iad-kcgs7200075-IAD, cache-sna10724-LGB, cache-iad-kcgs7200088-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 sb10062663bj-001__qsprvfyJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 22 KB
22 KB 16ms
15ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/sb10062663bj-001__qsprvfyJ.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7c18cffd1df01c555cb31fd251afd0d5849aaa5fc43818e840e23d6b69f22e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1505356
edge-cache-tag: 629605822173354263481583110368973607939,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629605822173354263481583110368973607939,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 245
expiration: expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/sb10062663bj-001__qsprvfyJ.jpg
content-length: 22188
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Fri, 11 Mar 2022 10:00:06 GMT
server: nginx
x-timer: S1649087511.590224,VS0,VE0
etag: "6e41ef3ddd91e74a6926de81569c3054"
x-served-by: cache-bwi5043-BWI, cache-iad-kcgs7200111-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 9

GET
H2 200 95feb8a1bac1de99d9e6c645b9725250.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_570%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 89 KB
89 KB 19ms
19ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_570%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d2132330b6e45f8536ab57f420dbbc4ee3cbe181f042a1c3ca97eb6802fc5684

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 2886661
edge-cache-tag: 454495853063637850906140981329147654090,570022498201029664083002632265968085468,29ecf9b93bbf306179626feeda1fab70
cache-tag: 454495853063637850906140981329147654090,570022498201029664083002632265968085468,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 434
expiration: expiry-date="Sun, 20 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_570%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
content-length: 90874
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Thu, 17 Feb 2022 07:21:36 GMT
server: nginx
x-timer: S1649087511.593230,VS0,VE1
etag: "b3095a87cdd54d1da85119829d0b6b12"
x-served-by: cache-bwi5036-BWI, cache-iad-kiad7000168-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 36ms
33ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2db274afec131333daac4f668c479d1085cec935a012f715c8cc3466e4faeab7

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
access-control-allow-origin: https://www.istoedinheiro.com.br
machineid: 1484
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
pragma: no-cache
server: nginx
x-timer: S1649087511.608134,VS0,VE19
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 f1915e48f459311820b4ac5b9f72ad3c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 55 KB
56 KB 14ms
12ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1915e48f459311820b4ac5b9f72ad3c.jpeg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac7eef38c799023bcf8ce6e4b078c64a70a8470dd98bd32d47ee30b62c1a3e5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 3397583
edge-cache-tag: 390858461851617090395919893697067935746,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 390858461851617090395919893697067935746,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 110
expiration: expiry-date="Sun, 20 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1915e48f459311820b4ac5b9f72ad3c.jpeg
content-length: 56776
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 17 Feb 2022 05:23:26 GMT
server: nginx
x-timer: S1649087511.608495,VS0,VE2
etag: "32a7bb9722dd7c9c78eb16bfb947a66d"
x-served-by: cache-bwi5020-BWI, cache-iad-kjyo7100156-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 09ebe742db2993dd8c4fdbab6be42c93.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 11ms
10ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09ebe742db2993dd8c4fdbab6be42c93.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 301e5a2c1745830292f25ccf6e91ef3e87cb8defe5358284d15db503624c9f2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1291708
edge-cache-tag: 409157601755146469174533368018969159490,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 409157601755146469174533368018969159490,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 38
expiration: expiry-date="Fri, 15 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09ebe742db2993dd8c4fdbab6be42c93.jpg
content-length: 19412
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 15 Mar 2022 17:32:25 GMT
server: nginx
x-timer: S1649087511.608658,VS0,VE1
etag: "2c2d3b605bd177d2c243b383f46c4982"
x-served-by: cache-iad-kiad7000097-IAD, cache-iad-kjyo7100134-IAD, cache-chi-kigq8000126-CHI, cache-iad-kjyo7100132-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 204 abtests
trc.taboola.com/editora3-istodinheiro/log/3/ 0
283 B 28ms
26ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/abtests?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1649087511640%7D&tim=15%3A51%3A51.640&id=8443&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.619243,VS0,VE12
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 1138mc115-e1649082265438.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 32 KB
33 KB 107ms
107ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/1138mc115-e1649082265438.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a1d93588dd5205742c81b1447bd8817ade359dad14d7ce84ce80a6aacd41ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 98
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 910
edge-cache-tag: 437473790099402938756384189728902245214,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 437473790099402938756384189728902245214,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 728
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/1138mc115-e1649082265438.jpg
content-length: 33150
x-request-id: 121caafd899d39fade3a23054a6ed040
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Mon, 04 Apr 2022 14:46:28 GMT
server: nginx
x-timer: S1649087511.627633,VS0,VE98
etag: "10ee432a2611878dc2e97d1e35987174"
x-served-by: cache-iad-kiad7000047-IAD, cache-iad-kcgs7200067-IAD, cache-chi-kigq8000141-CHI, cache-iad-kiad7000177-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 tagreuters.com2022binary_LYNXNPEI330RK-BASEIMAGE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/Brazil... 77 KB
78 KB 98ms
97ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportAgribusinessNews/tagreuters.com2022binary_LYNXNPEI330RK-BASEIMAGE.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d8428de5aa9510c3bfc13b190b025d8db90d0ce20bc4f6e4b63b10c3debf968

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 9
edge-cache-tag: 403347059559570174533300615152084061583,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403347059559570174533300615152084061583,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 647
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportAgribusinessNews/tagreuters.com2022binary_LYNXNPEI330RK-BASEIMAGE.jpg
content-length: 78924
x-request-id: df7d0f72b60d41d031435d143bfc3386
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Mon, 04 Apr 2022 15:10:22 GMT
server: nginx
x-timer: S1649087511.627749,VS0,VE91
etag: "9262e5e65545d7dbba10a9d1aea6b08f"
x-served-by: cache-iad-kiad7000153-IAD, cache-iad-kjyo7100033-IAD, cache-chi-kigq8000038-CHI, cache-iad-kcgs7200032-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 tagreuters.com2022binary_LYNXNPEI330RC-BASEIMAGE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/Brazil... 26 KB
27 KB 100ms
100ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2022binary_LYNXNPEI330RC-BASEIMAGE.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f90d4da7c1366a3247dd07f3358c9796067ed4c09ee156e21828f1da3f66d2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 910
edge-cache-tag: 482727559632586182346229028073594669042,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 482727559632586182346229028073594669042,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 662
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2022binary_LYNXNPEI330RC-BASEIMAGE.jpg
content-length: 26892
x-request-id: aff8460c86bcb233c7495e3aa3f402c1
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Mon, 04 Apr 2022 15:00:42 GMT
server: nginx
x-timer: S1649087511.627826,VS0,VE93
etag: "18b1ad07c4a610a318fa236590437a21"
x-served-by: cache-iad-kcgs7200076-IAD, cache-iad-kjyo7100088-IAD, cache-sna10728-LGB, cache-iad-kcgs7200077-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 megasenadsc-5262-e1646867867200.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/03/ 26 KB
27 KB 105ms
105ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/03/megasenadsc-5262-e1646867867200.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cacdec72c24a64eb8ce0833608a5e365edf047a01ee503629b2b8052bd61fde7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 97
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 2217688
edge-cache-tag: 386655440085158363527122995119640764545,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 386655440085158363527122995119640764545,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 155
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/03/megasenadsc-5262-e1646867867200.jpg
content-length: 26976
x-request-id: 49a1a632829e9c5e9685afe0d343a098
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 09 Mar 2022 23:32:51 GMT
server: nginx
x-timer: S1649087511.628369,VS0,VE97
etag: "7b1568e43d2e743504898d4c9489a57d"
x-served-by: cache-bwi5020-BWI, cache-iad-kiad7000098-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 5307b098aa65706d9962cc0e389d7f11af7cade4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 14 KB
15 KB 566ms
566ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/5307b098aa65706d9962cc0e389d7f11af7cade4.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1478f042e2da781138cd0286ba1ce5d5ffcdf5905879c58433fb4dd8e9c2e743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 557
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 585913172019408530919578309104921971567,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
cache-tag: 585913172019408530919578309104921971567,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 390
x-cache: MISS, MISS, MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/5307b098aa65706d9962cc0e389d7f11af7cade4.jpg
content-length: 14416
x-request-id: 3fc99c88e9f7376fb1c08d68a332a7a6
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Mon, 04 Apr 2022 13:45:15 GMT
server: nginx
x-timer: S1649087511.629412,VS0,VE557
etag: "77d6370061e55e7f43733391936b9cb3"
x-served-by: cache-iad-kcgs7200094-IAD, cache-iad-kjyo7100099-IAD, cache-bur-kbur8200131-BUR, cache-iad-kjyo7100065-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 dinheiro-facebook.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2021/04/ 6 KB
7 KB 15ms
15ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2021/04/dinheiro-facebook.png
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e45d7c1768e0495a3588b75fe0afcdd68a6bce4535c0fd1383aa95dc3670132e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1641556
edge-cache-tag: 299758435984338718236468388527226710677,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 299758435984338718236468388527226710677,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 93
expiration: expiry-date="Wed, 30 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2021/04/dinheiro-facebook.png
content-length: 6410
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Sun, 27 Feb 2022 16:56:52 GMT
server: nginx
x-timer: S1649087511.629842,VS0,VE1
etag: "9e9358558be8646742fed36c35ae940b"
x-served-by: cache-bwi5083-BWI, cache-iad-kjyo7100021-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 tagreuters.com2022binary_LYNXNPEI330K8-BASEIMAGE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilO... 51 KB
52 KB 101ms
101ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2022binary_LYNXNPEI330K8-BASEIMAGE.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 75424d72395f6c3091d4dd5f97d24cc96988358b1b0664f55ea6e7e7b7ea21a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 11074
edge-cache-tag: 387737971596208061972048618525915108211,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 387737971596208061972048618525915108211,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 395
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2022binary_LYNXNPEI330K8-BASEIMAGE.jpg
content-length: 52576
x-request-id: 961c07194a8e1f7b3f2f8e1b63348c9a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 04 Apr 2022 12:28:13 GMT
server: nginx
x-timer: S1649087511.647974,VS0,VE91
etag: "f4f5870a1449e1b489ad76bd5607a44a"
x-served-by: cache-iad-kjyo7100044-IAD, cache-iad-kcgs7200119-IAD, cache-chi-kigq8000047-CHI, cache-iad-kiad7000149-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 61353986_303.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 43 KB
44 KB 101ms
100ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/61353986_303.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c7559fb0131373d051d9a3832775a88e60e9fb8c1dd1d2b574e60c6f7c3ab64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 3086
edge-cache-tag: 481739508245191473868932967830269442266,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 481739508245191473868932967830269442266,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 782
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/61353986_303.jpg
content-length: 44046
x-request-id: 73b21ab6bf762d34f5230488e458c9a0
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Mon, 04 Apr 2022 14:53:37 GMT
server: nginx
x-timer: S1649087511.729936,VS0,VE93
etag: "848a946fedcc084f63e5edfed57ffc76"
x-served-by: cache-iad-kiad7000083-IAD, cache-iad-kiad7000117-IAD, cache-bur-kbur8200101-BUR, cache-iad-kiad7000045-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
2 KB 747ms
747ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e54e1898e07a5e977ce304b2f937c457c966846998c86bc75227fd5328d5c38

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
content-encoding: gzip
access-control-allow-origin: https://www.istoedinheiro.com.br
machineid: 1403
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
pragma: no-cache
server: nginx
x-timer: S1649087511.631389,VS0,VE741
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 e3514786fc47badb667a8af7c92254b7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
41 KB 10ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3514786fc47badb667a8af7c92254b7.png
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da33e0480015a2c97b41a84727b8acc00d8154e24e6b4dca86eded18eeaf140b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 953892
edge-cache-tag: 436974928201002823062998697534448679075,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436974928201002823062998697534448679075,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 702
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3514786fc47badb667a8af7c92254b7.png
content-length: 41090
x-request-id: ad56623594424fd17436f961511090d2
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Thu, 24 Mar 2022 06:20:52 GMT
server: nginx
x-timer: S1649087511.730049,VS0,VE1
etag: "a03b03a56e171dc3d58596a1980d429c"
x-served-by: cache-iad-kcgs7200031-IAD, cache-iad-kjyo7100059-IAD, cache-sna10745-LGB, cache-iad-kjyo7100097-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 95feb8a1bac1de99d9e6c645b9725250.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 74 KB
74 KB 9ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e246af5bc653ef7381c867ed45a030c24b8d1d894f10b0662c0c6eec7a9e113

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 2801489
edge-cache-tag: 454495853063637850906140981329147654090,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 454495853063637850906140981329147654090,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 111
expiration: expiry-date="Wed, 30 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
content-length: 75548
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sun, 27 Feb 2022 02:17:14 GMT
server: nginx
x-timer: S1649087511.735168,VS0,VE1
etag: "8ba703b55f70a8787f97e987c3dc226f"
x-served-by: cache-bwi5053-BWI, cache-iad-kjyo7100086-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 tagreuters.com2022binary_LYNXNPEI330I4-BASEIMAGE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilO... 27 KB
28 KB 119ms
113ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2022binary_LYNXNPEI330I4-BASEIMAGE.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 33cdf2124853e3b8246135daaca7ff16fe85f80a07d86e32fd0a97e59b12f7f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 106
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 14015
edge-cache-tag: 308836153486727121326606662732324354506,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 308836153486727121326606662732324354506,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 381
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2022binary_LYNXNPEI330I4-BASEIMAGE.jpg
content-length: 27404
x-request-id: 6d166514c1799cf8d91e4dfafdae9947
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Mon, 04 Apr 2022 11:48:28 GMT
server: nginx
x-timer: S1649087511.741571,VS0,VE106
etag: "2b1a36568776760fbd9789fba4841699"
x-served-by: cache-iad-kiad7000104-IAD, cache-iad-kcgs7200024-IAD, cache-bur-kbur8200042-BUR, cache-iad-kiad7000129-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 2276ee193fb5881319d8f522152cead5e48bd829-e1649082280820.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 22 KB
23 KB 104ms
100ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/2276ee193fb5881319d8f522152cead5e48bd829-e1649082280820.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cef94772467bcd1ded662ecfa0552e6c0bb0d3e4a0e8dfdb944f4099578991f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 2139
edge-cache-tag: 415913080877391722442330033829982832900,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 415913080877391722442330033829982832900,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 432
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/2276ee193fb5881319d8f522152cead5e48bd829-e1649082280820.jpg
content-length: 22702
x-request-id: 21ecf463b01b2d5d3ac58f5ef7ee105c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Mon, 04 Apr 2022 15:08:46 GMT
server: nginx
x-timer: S1649087511.744896,VS0,VE94
etag: "e28d1ec6189fda84ae50a5d07fadc8b6"
x-served-by: cache-iad-kiad7000037-IAD, cache-iad-kjyo7100086-IAD, cache-sna10737-LGB, cache-iad-kiad7000025-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 b5cb62d0ea2a7d272880f989f1a9854e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 33 KB
34 KB 10ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5cb62d0ea2a7d272880f989f1a9854e.jpeg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: abe061629ba1d65119146172805f73b0d9471bc26b2bd7112545e4a40e902047

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 17170
edge-cache-tag: 455243054276472532257402421345695129474,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 455243054276472532257402421345695129474,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 396
x-cache: MISS, MISS, MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5cb62d0ea2a7d272880f989f1a9854e.jpeg
content-length: 33670
x-request-id: c7acec6d954fd9e994cc04361551565f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 04 Apr 2022 09:56:44 GMT
server: nginx
x-timer: S1649087511.746563,VS0,VE1
etag: "9d13bb2c63f34488fc750340550ecbc0"
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kiad7000098-IAD, cache-chi-kigq8000124-CHI, cache-iad-kjyo7100048-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 sb10062663bj-001__qsprvfyJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 18 KB
19 KB 9ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/sb10062663bj-001__qsprvfyJ.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a1e8dc7b324fb8411e9288f0d699d75d26c81e3836ff498ba1a0129d6a7f6622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1586713
edge-cache-tag: 629605822173354263481583110368973607939,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629605822173354263481583110368973607939,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 105
expiration: expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/sb10062663bj-001__qsprvfyJ.jpg
content-length: 18332
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Fri, 11 Mar 2022 10:07:59 GMT
server: nginx
x-timer: S1649087511.748530,VS0,VE1
etag: "ce7897c062e835a89ddec5dda497189d"
x-served-by: cache-wdc5546-WDC, cache-iad-kjyo7100150-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 shibata-supermetcado-1280x720.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 42 KB
42 KB 106ms
104ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/shibata-supermetcado-1280x720.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7113c726067335f79f109856070c2b74a706f1cb968fd30b6a8d9c790f8fe3c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 95
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 4401
edge-cache-tag: 512171795258586910063911842390430279949,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 512171795258586910063911842390430279949,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 580
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/shibata-supermetcado-1280x720.jpg
content-length: 42500
x-request-id: 916a506a6a52e417ab18ec56726f26ed
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Mon, 04 Apr 2022 13:52:56 GMT
server: nginx
x-timer: S1649087511.760529,VS0,VE95
etag: "deca2cd28f5ef2831da50382591f358b"
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kiad7000058-IAD, cache-sna10720-LGB, cache-iad-kjyo7100040-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 bcaec888b6250793b0bba5a91918c95c98b303fa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 51 KB
51 KB 107ms
105ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/bcaec888b6250793b0bba5a91918c95c98b303fa.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 84ac5e66de0d66384188d56ac5c8a7b2e50f42535c331a542a930fe0bd24ae8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 98
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 4568
edge-cache-tag: 447983823281574161327952607030465777276,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 447983823281574161327952607030465777276,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 701
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/bcaec888b6250793b0bba5a91918c95c98b303fa.jpg
content-length: 51828
x-request-id: ccf8291ae14bd18318797a1b88e45bd8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Mon, 04 Apr 2022 14:00:04 GMT
server: nginx
x-timer: S1649087511.760626,VS0,VE98
etag: "c94481621e60fb716eac8c1aca709907"
x-served-by: cache-iad-kiad7000110-IAD, cache-iad-kjyo7100117-IAD, cache-bur-kbur8200155-BUR, cache-iad-kjyo7100150-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A142
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWod8h-4CwkGncE9xDdRcc&google_cver=1&google_push=AYg5qPLUSKVISZFtNtwxR3NjFqDAoTd7KfYrc0twihGoup9-24qJ_GZJRH...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLUSKVISZFtNtwxR3NjFqDAoTd7KfYrc0twihGoup9-24qJ_GZJRH5tGyfkBC21xwvymZ2HWyAsbgHOAClxnJbS5HOQs-8&google_hm=0Vkmtc-5eZlhs...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLUSKVISZFtNtwxR3NjFqDAoTd7KfYrc0twihGoup9-24qJ_GZJRH5tGyfkBC21xwvymZ2HWyAsbgHOAClxnJbS5HOQs-8&google_hm=0Vkmtc-5eZlhs0TTkEHPQw

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLUSKVISZFtNtwxR3NjFqDAoTd7KfYrc0twihGoup9-24qJ_GZJRH5tGyfkBC21xwvymZ2HWyAsbgHOAClxnJbS5HOQs-8&google_hm=0Vkmtc-5eZlhs0TTkEHPQw
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A142
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJwTK4mulI7oMqh_eSFGi75UjHrWEax-OgA50282rt0M5lrvab_hUz21gOt8j4jsfEXof2ZJMb0PGoonj7GCzhDCiz9jw&google_gid=CAESEAB9CavVvxr46vCty6oOLck&googl...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcFlXRW1JNFVmbW9uZl9KOHQ4VXhqaWMwWUQ1V0hCSl83c3U5b25aakotYw==&google_push

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcFlXRW1JNFVmbW9uZl9KOHQ4VXhqaWMwWUQ1V0hCSl83c3U5b25aakotYw==&google_push

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcFlXRW1JNFVmbW9uZl9KOHQ4VXhqaWMwWUQ1V0hCSl83c3U5b25aakotYw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame A142 43 B
64 B 32ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDhK9X2uT1MEr08MLqZ5lSw&google_cver=1&google_push=AYg5qPJ1JDSQKf9xzI_HyRrC__Vs7qygvqUdRpbbaKPRLxe_Hz9VXZda9Fopyeww7QQfZ1_OWGr7OieNrCIvC8yfu2n5gD6mGFc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1592119126114388&output=html&h=200&slotname=1648434458&adk=1933033968&adf=3828634993&pi=t.ma~as.1648434458&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509711&bpp=1&bdt=570&idt=731&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=2&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=CGuyzHHzL1&p=https%3A//www.istoedinheiro.com.br&dtd=736
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n5kbk6d11rjpcprcvvbp94ep3isqq98j

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A142
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UCefx-qYQwyLBU96QEfvSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UCefx-qYQwyLBU96QEfvSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKvPOyjIAJP6LX_4cv4JcJ_HXGSogmWv_hj2xZbFf9MwrD5jpR2ejVRzjkhcCGGEyKR49JadamxuXFTe241xXxXgh3pqiE

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UCefx-qYQwyLBU96QEfvSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKvPOyjIAJP6LX_4cv4JcJ_HXGSogmWv_hj2xZbFf9MwrD5jpR2ejVRzjkhcCGGEyKR49JadamxuXFTe241xXxXgh3pqiE
date: Mon, 04 Apr 2022 15:51:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A142
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMf15y77k_xSw6iteXIKpA&google_cver=1&google_push=AYg5qPIWUJLBX_y997bd76oCpIrSrxS7u5GF2jZpJ9BoidvQ8dRqDM2JymwvNsWPhMImbpWSD6u...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJVVYtMjQtMkJXNw==&google_push=AYg5qPIWUJLBX_y997bd76oCpIrSrxS7u5GF2jZpJ9BoidvQ8dRqDM2JymwvNsWPhMImbpWSD6uD_oL24PEuSpLtqFOvQ9bOZQ

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJVVYtMjQtMkJXNw==&google_push=AYg5qPIWUJLBX_y997bd76oCpIrSrxS7u5GF2jZpJ9BoidvQ8dRqDM2JymwvNsWPhMImbpWSD6uD_oL24PEuSpLtqFOvQ9bOZQ

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJVVYtMjQtMkJXNw==&google_push=AYg5qPIWUJLBX_y997bd76oCpIrSrxS7u5GF2jZpJ9BoidvQ8dRqDM2JymwvNsWPhMImbpWSD6uD_oL24PEuSpLtqFOvQ9bOZQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame A142
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vP...

0
0

GET googleredir
googlecm.hit.gemius.pl/ Frame A142 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A142 0
12 B 21ms
20ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3g-V3UG2kEwKPpodpYk64Cb-Qg6tGn_8AKl6o54JTV1uA3PMOl5q9h_sZDTeg9KPlh6dH6Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 831C 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 8738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E5FB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82e9c8522242fe5247600454aa211a3e1007237c6330a7dba9418ab4e425c1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AD0F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 10:24:17 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A186 42 B
64 B 60ms
44ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjhORRCYyx1l2awF8_VlYal5NKDmuVocl5rMMP5SjOLCdL4XYBMtWVZLHDYeLwa7FcwSZTmVnyxJy8XsL8ni_qGui_UBVQKIhAfFxg4UTn6BpNGORDTg&sai=AMfl-YQzmHKhZwUfOEe5fPW0PfDTzzJ6tBukrwz6bPmhlcuZN6sODKqE_yGircKAvU7XUf4XSCnUlkKDbmEIHucJYVyTpZWH9_vvoD90BVnAgeE2SeD42PrDs3rN5yL9bV4&sig=Cg0ArKJSzDb6i0EkMpLPEAE&cid=CAASJ-RoYa1pq1FggUMEnTE2Z0idFQBMEIIWkJ1GmcVEJwgGwZXKhW4mcA&id=lidar2&mcvt=1066&p=197,315,287,1285&mtos=1066,1066,1066,1066,1066&tos=1066,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2119568665&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649087509904&rpt=782&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A02
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWod8h-4CwkGncE9xDdRcc&google_cver=1&google_push=AYg5qPKPKc9PSe15aLqrmzl4CBR2bDSp7RLsMdq8_-0j6PvLBitZb3Nass...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKPKc9PSe15aLqrmzl4CBR2bDSp7RLsMdq8_-0j6PvLBitZb3NassgB7RVX9WrIHVaagDNlNlfJKNsEaoOLKHf17rGPxw&google_hm=0Vkmtc-5eZlhs0...

170 B
188 B

23ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKPKc9PSe15aLqrmzl4CBR2bDSp7RLsMdq8_-0j6PvLBitZb3NassgB7RVX9WrIHVaagDNlNlfJKNsEaoOLKHf17rGPxw&google_hm=0Vkmtc-5eZlhs0TTkEHPQw

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKPKc9PSe15aLqrmzl4CBR2bDSp7RLsMdq8_-0j6PvLBitZb3NassgB7RVX9WrIHVaagDNlNlfJKNsEaoOLKHf17rGPxw&google_hm=0Vkmtc-5eZlhs0TTkEHPQw
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A02
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJGWqo4y2BCDI6Q9EWM4SocDwYxwC8qR6qL7TS...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtzVUZnQUFCUDlhMTNvYg&google_push=AYg5qPJGWqo4y2BCDI6Q9EWM4SocDwYxwC8qR6qL7TSloGCoL5kD4RqZ_v7L332pwK4Mh0Z682MdLqTwsk_qA1TCbWo6NbZyJmg

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtzVUZnQUFCUDlhMTNvYg&google_push=AYg5qPJGWqo4y2BCDI6Q9EWM4SocDwYxwC8qR6qL7TSloGCoL5kD4RqZ_v7L332pwK4Mh0Z682MdLqTwsk_qA1TCbWo6NbZyJmg

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtzVUZnQUFCUDlhMTNvYg&google_push=AYg5qPJGWqo4y2BCDI6Q9EWM4SocDwYxwC8qR6qL7TSloGCoL5kD4RqZ_v7L332pwK4Mh0Z682MdLqTwsk_qA1TCbWo6NbZyJmg
Date: Mon, 04 Apr 2022 15:51:50 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 0A02 43 B
609 B 269ms
104ms Image
image/gif 35.190.90.30
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEL_r7GNabJfPvnL8wbA9Uw8&google_push=AYg5qPL7WNQe--e0-i3XC0x4-EW3Ph546Uj0SApFu5BZMyC1yxOT-RbxW44ooqoTRNDOUlnQ1AMmoCVVSnyPejM9EIT8LW4cAw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.90.190.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 0A02 43 B
64 B 24ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDhK9X2uT1MEr08MLqZ5lSw&google_cver=1&google_push=AYg5qPITAx-7UC-7Hex6feWJLoOvblssrTMR9Ad5D-b0RtZrQfuVdEaXh7YXceMKFcjZt1FioPrcR6zC6LkgHFGqjXRytzIsig
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ni2kfs408lu3nt1192bcaa66bonnfg8i

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A02
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eVXozFozTO-Bb8v8rlN4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eVXozFozTO-Bb8v8rlN4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ0gsdpadkBrcn-CSSo7oxic8KPkooELsebTvB_3zx_c_Ub3KpEUa7Ihoz25AdcESa51lRBaj-tAnqT0u27ZnhVLcZTTw

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eVXozFozTO-Bb8v8rlN4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ0gsdpadkBrcn-CSSo7oxic8KPkooELsebTvB_3zx_c_Ub3KpEUa7Ihoz25AdcESa51lRBaj-tAnqT0u27ZnhVLcZTTw
date: Mon, 04 Apr 2022 15:51:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A02
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMf15y77k_xSw6iteXIKpA&google_cver=1&google_push=AYg5qPJpq2reBSi2jv_96GjcUzZZUcKbvxTWJZu2ahuNBmRtkwTDoiL841anQs8Bpeam8C-qDjC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJWE4tMU8tM0pZNQ==&google_push=AYg5qPJpq2reBSi2jv_96GjcUzZZUcKbvxTWJZu2ahuNBmRtkwTDoiL841anQs8Bpeam8C-qDjCS9rjIilqrKV6mjnffMVHFvl8

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJWE4tMU8tM0pZNQ==&google_push=AYg5qPJpq2reBSi2jv_96GjcUzZZUcKbvxTWJZu2ahuNBmRtkwTDoiL841anQs8Bpeam8C-qDjCS9rjIilqrKV6mjnffMVHFvl8

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRJWE4tMU8tM0pZNQ==&google_push=AYg5qPJpq2reBSi2jv_96GjcUzZZUcKbvxTWJZu2ahuNBmRtkwTDoiL841anQs8Bpeam8C-qDjCS9rjIilqrKV6mjnffMVHFvl8
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 0A02
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5Sr...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0A02 0
12 B 17ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JcThvDCwHC9kxp7YeNxrH32ZJ66zkTVj7oF2gAM8KiSPxpcAe6Pm-E-1DZNWxOKy2I3uou

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.6.9/ 100 KB
29 KB 11ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5370c8f238d0ae8b1400cff5df17563faca18ebfc2372d0948e20087984e2d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront), 1.1 varnish
age: 680979
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 29420
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 02 Mar 2022 12:50:08 GMT
server: AmazonS3
x-timer: S1649087511.760555,VS0,VE0
etag: "fc14dc1b8b9b350592c06408d9365f23"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RdCKEbq5DBy3hPY6ihqU1cl35mclg9o0Z8UZl8QoxXuEC4Wpw3j22A==
x-cache-hits: 15154

GET
H2 200 next-up-widget.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 15 KB
5 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-istodinheiro/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd1e0f6bc2483746c6de40855f5d063a9db8071b026da06f68606b514ac2126e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: pMDtzKF43gZhsEGOTBFIg2..z.WnZYTv
content-encoding: gzip
etag: "62dd63d478ff0e9474f3ea4122cc0456"
age: 24546
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4315
x-amz-id-2: /gFNFDGNeQOYK8Vc85XNccERUcIMFyd4xYxWbjz7PsRsYmWpScTcvahR2faQoEDiUp1E3c0/Okw=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 04 Apr 2022 08:58:25 GMT
server: AmazonS3
x-timer: S1649087511.760706,VS0,VE0
date: Mon, 04 Apr 2022 15:51:50 GMT
vary: Accept-Encoding
x-amz-request-id: W7Q0W3PFRQD9YGJ4
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 533

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame E5FB 28 KB
28 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 493508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:42 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D55A 12 KB
5 KB 173ms
37ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 944023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6qk31okJTsvUj0pfXdKDsnRsjKHWuE05TsiB1fx0TIa8aIl7gCggAfUzJjZqqX7E0PpRAE3JVI%2B0Jw%2BNkGBqQF%2BlkAm8PZ62Jyt2Rx1KtQOq3l9Fn1qKllOCXhj6SP%2BL3D8WSmVtQbIZSB78iCaeize"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f6b352f3efe020d-ZRH
expires: Sat, 25 Mar 2023 15:51:50 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D55A 12 KB
6 KB 19ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 15:51:50 GMT

GET
H2 200 b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
static.criteo.net/design/dt/ Frame D55A 56 KB
56 KB 65ms
23ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
last-modified: Thu, 24 May 2018 07:59:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0670fe-dec4"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 15:51:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D55A 5 KB
5 KB 139ms
32ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=396&m=0&partner=942&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F942%2F210816%2Ff0385941b58c4db180e9e3b6f328c160_logo_c-a_black.png&v=3&w=196&s=nHB5kKX0XyBHFXVqtBeh19fk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ddf9a311a472730fa4dc7d178506179fe3659b8248d5ef17089dba880446f3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29859174
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5356
expires: Thu, 16 Mar 2023 06:04:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D55A 12 KB
13 KB 136ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1648202111%2F2171642-1-01.jpg&v=3&w=400&s=JqPEnd16fPWFD6y9jZfUAP_e&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2991b4dc0d8ed74dd582f58f32b5984a0e32cf0b749a3d4514a10cb9604f54b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30682575
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12558
expires: Sat, 25 Mar 2023 18:48:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D55A 8 KB
8 KB 137ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1636376864%2F2157497-1-01.jpg&v=3&w=400&s=FpgG7qCBVcVRkoWptkhkwVbS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4a0b5a08fb411988634612c09da0338757a1367628929cbea2dd65de0deb8901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29476322
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8226
expires: Sat, 11 Mar 2023 19:43:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D55A 8 KB
8 KB 122ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1647240449%2F2165712-2-01.jpg&v=3&w=400&s=INm41aVTLiggdnAV3lF7GXT7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3ded89eba7f3c78bc7257e0653550c7d7ba53148cb9083a9d0dabbbbdf9e384f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29744669
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7904
expires: Tue, 14 Mar 2023 22:16:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D55A 7 KB
7 KB 143ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1643894011%2F2174049-1-01.jpg&v=3&w=400&s=rH00T2V6QwJfbcb6xrgKU8fd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7f223ac2cab7bd90937d7e7d08ea11ae003dc6c45b0d8c2d10a145d894d71ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29104353
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7332
expires: Tue, 07 Mar 2023 12:24:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D55A 5 KB
6 KB 146ms
39ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1643897649%2F2165926-1-01.jpg&v=3&w=400&s=fIhqHxwFHDXPwYkjp7Z8XxvW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

39aadaa6a1ef0a579c0f8185e425ef799c1d9340b01922a0864c6da88a997f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29436975
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5490
expires: Sat, 11 Mar 2023 08:48:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D55A 7 KB
7 KB 26ms
25ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1637752623%2F2117954-3-01.jpg&v=3&w=400&s=5jqN-4-PgJhrUqkxNXoAoX_M&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

85d7b0b7c564c527c834963e7bdabef36438c705da80c629e5a30115b992d9cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30675278
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6882
expires: Sat, 25 Mar 2023 16:46:29 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D55A 0
128 B 96ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=YuGPwwnM9gk_GZDsnBiFxFWv8LQbkh8pXOWd5k0FzosfyMESLfngHY90e6Iw2xrgCzv1AjT0513eGBxGj_cdYw5gQkyl9mczZQpzjpZHviAftWQh5fYybF4qVk8TSNKsXdvqjVOxYuBz8P0ZS5W782IqyIrzRNhp2tku5l5OSlEer6XKAEhXswxFBRnAmLCsh8Mdl3fMaPAQDkT-e2psx6ZTpNZanRe0-3wd16lvyuMUdBuYqM_Z8PsQ7L4M5jlTNPlYIA&sds=2&rev=81065&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Apr 2022 15:51:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D55A 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 15:51:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D55A 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 15:51:50 GMT

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame CE19 35 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=1897708802&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509712&bpp=1&bdt=570&idt=789&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=dc1fsI91UB&p=https%3A//www.istoedinheiro.com.br&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 10:24:17 GMT

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 11ms
11ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age: 2566312
x-amz-meta-mtime: 1580720676
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1649087511.921276,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits: 126404

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
60 B 24ms
24ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A52.037&id=2393&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.021360,VS0,VE12
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
276 B 15ms
15ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%7D&tim=15%3A51%3A52.039&id=9082&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.021482,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E9B3 0
0 42ms
42ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck3h9FBRLYor1MZKLjuwPg7mvoATuuYu9aeX-qaXcD_qd3KDUARABIOeIqB5g-4GAgJQKoAGdk-uSA8gBCakCyLOxO8LOjD7gAgCoAwGqBMoCT9D1nLJfpgcVMqwaQ_u-XHBO7EtT-Z1s9WKnT6x4bq3jJE55_T8r62jnPDE-ti37iU2HTyhwuU8E-TJCDL0kDYHFlxqaKVxG52mAENru9jYBhnQSBEWvswvtsojvtgbWetDhrldAHdAEMByBurorh6wOiq999CihSVu38vZLOABe_o83DWzGYPuZZpIc5tKk5T8xoTcq9EJ3Wof8yLCBf6k3GlsF0ehUQ19ttdgQ5SCp5c1zEsGYuM-ZZwRq5MaYz1jlOwG5yuJS0mfoZUqRv_NGeunWcsWabLaXZ_2wF316ewg0fjRvWgcwxCiGbDuAUOzVWcn0C_kLXz4oJh14qMg3iPFsaG2FWPgEx1COcSpiOdh7BYu0LAm1Hl0FJwOka3D92xlPoUMtN265WWLUxyxZ265Ohfyjes-JhWDhbdJmk_1-O53q0qF_wATipIOs9APgBAGgBi6AB7rqzJEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5ZEO0ggJCIjhgBAQARgdgAoDyAsB2BMDiBQB0BUBgBcBshceChwIABIUcHViLTgzMjk5Mjg4NDQwMzMwMjQYh7AO&sigh=RQyfxEBPFno&vt=1&template_id=419&uach_m=[]
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E9B3 42 B
64 B 44ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuN1oInr30s5gLAGzStCpMTJLr8YSuamaY8t4wUUma-9yjakt7RGV9zpmoLxuQLC2jg-p28LsBOOIs7kA6C4XA9jmO6LMrx5fn8WxkztD3Jkvk0mUqdfQ&sai=AMfl-YRjIR4xgDoRC_dvxVEk8BMqsbx1k1rzlt97k0iVwDdo1U2uhjj3VrRVZLcoAKkFWLIMZKmuc5nuNw6s0joXNgBtp4L0LRDJfS_SWv63hZ8SFkgSpobSUbWpUAjcwCDl&sig=Cg0ArKJSzGymHYeTw4D3EAE&id=ampim&o=250,308&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1054&mtos=0,0,1054,1054,1054&tos=0,0,1054,0,0&tfs=621&tls=1675&g=100&h=100&tt=1675&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2319025774

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWod8h-4CwkGncE9xDdRcc&google_cver=1&google_push=AYg5qPKuUgPBg8sPozSe0dd_ERy4Au0uAJDRjiFke-YM2N8KnFGl8YU9EC...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKuUgPBg8sPozSe0dd_ERy4Au0uAJDRjiFke-YM2N8KnFGl8YU9ECYHvT0YkiHo8_RZLbaVIVL5ghSuVXzMLoJoLpro1Ho&google_hm=0Vkmtc-5eZlhs...

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKuUgPBg8sPozSe0dd_ERy4Au0uAJDRjiFke-YM2N8KnFGl8YU9ECYHvT0YkiHo8_RZLbaVIVL5ghSuVXzMLoJoLpro1Ho&google_hm=0Vkmtc-5eZlhs0TTkEHPQw

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKuUgPBg8sPozSe0dd_ERy4Au0uAJDRjiFke-YM2N8KnFGl8YU9ECYHvT0YkiHo8_RZLbaVIVL5ghSuVXzMLoJoLpro1Ho&google_hm=0Vkmtc-5eZlhs0TTkEHPQw
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEK6hSRGTlDjwhpx240F_bkI&google_cver=1&google_push=AYg5qPITyGfoPdqRh-ER6BglOqL8yxtcZsjDzxOmBtdUffZ2Qw9Dk1cP0XFcAJeMsK5Co44VJ0PZQS57NvJuuYH8stJAK_4XI2I
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPITyGfoPdqRh-ER6BglOqL8yxtcZsjDzxOmBtdUffZ2Qw9Dk1cP0XFcAJeMsK5Co44VJ0PZQS57NvJuuYH8stJAK_4XI2I&google_hm=Q0FFU0VLNmhTUkdUbERqd2...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPITyGfoPdqRh-ER6BglOqL8yxtcZsjDzxOmBtdUffZ2Qw9Dk1cP0XFcAJeMsK5Co44VJ0PZQS57NvJuuYH8stJAK_4XI2I&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 15:51:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPITyGfoPdqRh-ER6BglOqL8yxtcZsjDzxOmBtdUffZ2Qw9Dk1cP0XFcAJeMsK5Co44VJ0PZQS57NvJuuYH8stJAK_4XI2I&google_hm=Q0FFU0VLNmhTUkdUbERqd2hweDI0MEZfYmtJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame 831C 42 B
307 B 19ms
15ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLe35fib832xNq_mDdxzqcjUD7I8AGJAZsDG39ZnGoy5QiuVKoFipAvPKsOOcPTHkwqkYfcAU4YA0wmTaJmYIW45hSM4A&google_gid=CAESEAB9CavVvxr46vCty6oOLck&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3 200 dds
rtb.openx.net/sync/ Frame 831C 43 B
64 B 26ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDhK9X2uT1MEr08MLqZ5lSw&google_cver=1&google_push=AYg5qPIJVNMjpdvhxEpLVYpAfHiniH16Osp31hArv85vEOD3aQs8c_pCcqOkhjoNHtKH8QvhqPamPP1kYRjoBGLFCEbRdp8Ew58
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: d87s7dm5pou7ndov7ta137uq758ho278

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UCefx-qYQwyLBU96QEfvSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UCefx-qYQwyLBU96QEfvSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJHDlB-tfZ7JExLmYqoVlOGPwpgXQ7_J1xx0XnF0VvBG-r7jMHOfOr2EvYjTRB6e3B84ejuNpCBqCebxKa7ZIoAT5Ass4U

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UCefx-qYQwyLBU96QEfvSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJHDlB-tfZ7JExLmYqoVlOGPwpgXQ7_J1xx0XnF0VvBG-r7jMHOfOr2EvYjTRB6e3B84ejuNpCBqCebxKa7ZIoAT5Ass4U
date: Mon, 04 Apr 2022 15:51:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMf15y77k_xSw6iteXIKpA&google_cver=1&google_push=AYg5qPJ5KtXckf1-pduNKO02LCrrpkuY7-9EoqlenkiyDc2nMCBzfQC_GZgOD5VXVeWUIR6B5Vl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRKNlktMU4tTTlRVA==&google_push=AYg5qPJ5KtXckf1-pduNKO02LCrrpkuY7-9EoqlenkiyDc2nMCBzfQC_GZgOD5VXVeWUIR6B5VlI3aZK_1EaaDQxoSR6Ui1ZyA

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRKNlktMU4tTTlRVA==&google_push=AYg5qPJ5KtXckf1-pduNKO02LCrrpkuY7-9EoqlenkiyDc2nMCBzfQC_GZgOD5VXVeWUIR6B5VlI3aZK_1EaaDQxoSR6Ui1ZyA

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLVzRKNlktMU4tTTlRVA==&google_push=AYg5qPJ5KtXckf1-pduNKO02LCrrpkuY7-9EoqlenkiyDc2nMCBzfQC_GZgOD5VXVeWUIR6B5VlI3aZK_1EaaDQxoSR6Ui1ZyA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z1...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 831C 0
12 B 17ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQyx-VrYvVpO6IhX7dZxK33AziRKIQzh7-OfdroRZ8icXUdUqPliApioePcRt_lXcoW8Uf

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AAE8 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=2230013483&adf=2416637172&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509713&bpp=1&bdt=572&idt=821&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0%2C879x200%2C879x200%2C879x200&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=2297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=Ca0k76KxPu&p=https%3A//www.istoedinheiro.com.br&dtd=837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 10:24:17 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 8D03 0
53 B 23ms
22ms Document
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=47A803F22301727701710271651&cicmp=1337627&cijs=1&dast=V7uaACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGrRbEAebGWWyGSx2k91sOVlOFsPlajZcwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7chBE2nw-e61-t-v7vSc_q7TE670eW0_O0av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BAMVhUJab63L6BwDAwwMIAIAARggAqxy5CAAAAMAIAAAAAAmAQGJhCYDD3aIJAEDAX70RHs8JAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDHkPmC8k5t75AVUQFpESMAAACAbKDLhKNJnVBZVP3___9bAVwBAAT81RvhJWXdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANKElV4q0IJj6YTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAACwPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNrfQAwGA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnIIIvdXDaaK1aLuXKVAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 0
date: Mon, 04 Apr 2022 15:51:51 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
x-timer: S1649087511.290284,VS0,VE10

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 604 KB
113 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
age: 1051894
x-amz-meta-mtime: 1637665336
x-cache: HIT
x-amz-meta-ctime: 1637665337
x-amz-meta-mode: 33188
content-encoding: br
content-length: 114684
x-amz-id-2: 0nGhQyYL6JJMNrNtgN9DZ54Xe47FlcMytbRNYowkLHISIE+ayuuCG0l+V0ZSZ+siOhY7wKkivBg=
x-served-by: cache-hhn4083-HHN
accept-ranges: bytes
last-modified: Tue, 23 Nov 2021 11:02:18 GMT
server: AmazonS3-br
x-timer: S1649087511.290109,VS0,VE0
etag: "c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 1BJTM91JQABF5B1D
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 103418

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 61 KB
8 KB 8ms
8ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
age: 1610043
x-amz-meta-mtime: 1637665346
x-cache: HIT
x-amz-meta-ctime: 1637665346
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8011
x-amz-id-2: m4Njt8l0KdE3b55Hic+YCWDucCH5XuqfB7qM4dNOwqD7j/jiiFtNBeDgAuVSAaaNEmlg6m4bOho=
x-served-by: cache-hhn4083-HHN
accept-ranges: bytes
last-modified: Tue, 23 Nov 2021 11:02:27 GMT
server: AmazonS3-br
x-timer: S1649087511.290192,VS0,VE0
etag: "35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 9G30P57KSQ4SMK01
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 107476

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 4EF5 0
68 B 20ms
20ms Document
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=70F8621DD23984420423645471&cicmp=1337627&cijs=1&dast=V7xKcCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGjeYEWeTxYhE2SyHo9FiudlNBqPlaLhZwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7chBE2nw-e61-t-v7vSc_q7TE670eW0_O0av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BAMVhUJab63L6BwDAwwMIAIAARggAq9y5CAAAAMAIAAAAAAmAQGJhCYDD3aIJAEDAX70R3s8JAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDH0EOsh1unFSU3UQFzESMAAACAbKDLhKNJnVBZVP3___9bAVwBAAT81RvhdWXdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANKElV4q0IJj6YTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAICoPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNrfQAwGA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnIIIvdXDaaK1aLuXKVAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 0
date: Mon, 04 Apr 2022 15:51:51 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
x-timer: S1649087511.291733,VS0,VE10

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
56 B 24ms
21ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Available%22%2C%22event_value%22%3Atrue%2C%22event_msg%22%3Anull%7D&tim=15%3A51%3A52.323&id=346&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.305145,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/editora3-istodinheiro/log/3/ 0
286 B 22ms
21ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=42a5303cb0c64736ffc6c0ffad54b8c2&sd=v2_8eb2fc5904adc7fd43651bf819f681c0_b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995_1649087509_1649087509_CNawjgYQp6VFGJ7vmar_LyABKAEwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&ui=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995&pi=/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima&wi=5373166926314365021&pt=text&vi=1649087510430&li=rbox-t2v&lt=deflated&d=%7B%22event_type%22%3A%22read_more%22%2C%22event_state%22%3A%22Rendered%22%2C%22event_value%22%3Afalse%2C%22event_msg%22%3A%22box%20content%20already%20in%20use%22%7D&tim=15%3A51%3A52.324&id=3666&llvl=2&cv=20220404-2-RELEASE&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087511.305236,VS0,VE9
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 1138mc115-e1649082265438.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/ 5 KB
6 KB 8ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/1138mc115-e1649082265438.jpg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ee9e4801b59e857d414e8d0de4100ff9fbfdd80d2917f4cf3f4a4a9dabc71e04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 1463
edge-cache-tag: 437473790099402938756384189728902245214,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 437473790099402938756384189728902245214,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 303
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.istoedinheiro.com.br/wp-content/uploads/sites/17/2022/04/1138mc115-e1649082265438.jpg
content-length: 5292
x-request-id: ab06cbcb878db347fd7aa0b9d5aca892
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 04 Apr 2022 14:46:28 GMT
server: nginx
x-timer: S1649087511.332503,VS0,VE1
etag: "e68b272600eb0f215cc07f3722468276"
x-served-by: cache-iad-kiad7000132-IAD, cache-iad-kiad7000021-IAD, cache-chi-kigq8000117-CHI, cache-iad-kiad7000153-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 23ms
23ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback4
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24306838b9032f297d749706c5a21d08929f52dba0d2ad351416b231e6569bdb

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
content-encoding: gzip
access-control-allow-origin: https://www.istoedinheiro.com.br
machineid: 1444
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
pragma: no-cache
server: nginx
x-timer: S1649087511.333135,VS0,VE17
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 e3514786fc47badb667a8af7c92254b7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 7ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3514786fc47badb667a8af7c92254b7.png
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e6dd2ae396e969789bc33c4f36a6aea01d2fc77b39b568f40ce9f7709fa7ed1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 954044
edge-cache-tag: 436974928201002823062998697534448679075,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436974928201002823062998697534448679075,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 408
x-cache: MISS, MISS, MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3514786fc47badb667a8af7c92254b7.png
content-length: 4108
x-request-id: 08d5189588039c01ea2ac80ffa3f0726
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 24 Mar 2022 06:20:52 GMT
server: nginx
x-timer: S1649087511.333441,VS0,VE0
etag: "9c32a400344792edcf66b073b38f7541"
x-served-by: cache-iad-kjyo7100143-IAD, cache-iad-kcgs7200171-IAD, cache-chi-kigq8000033-CHI, cache-iad-kcgs7200114-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

GET
H2 200 95feb8a1bac1de99d9e6c645b9725250.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 8ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d99d7df133f73be15d3b3870125a0ceda6def30beead06e92081f53ab6f11aa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 2341526
edge-cache-tag: 454495853063637850906140981329147654090,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 454495853063637850906140981329147654090,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 37
expiration: expiry-date="Fri, 11 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
content-length: 10262
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 08 Feb 2022 08:32:06 GMT
server: nginx
x-timer: S1649087511.334182,VS0,VE1
etag: "f827fea25d2efb7d982a1ee9273867c8"
x-served-by: cache-iad-kjyo7100024-IAD, cache-iad-kcgs7200023-IAD, cache-chi-kigq8000121-CHI, cache-iad-kcgs7200177-IAD, cache-hhn4083-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 3, 1

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABBA 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY8GDFRRLYuzrF5Dij-8Pg-2UsA7t38exaY-z-uDeD7CQHxABIP-i_ldgleKQgqAHoAH8_Pj3AsgBCakCAyEWYrd1sj6oAwGqBMoCT9Aii7L62aw-ywiaHOXVDZdxR6DqBxJyYtXC4lV3OoleIH3vLt80nzvEpO_J4cQtp_4Q0U8cJfbmuJmTyTmM8mtaGKOprBz83-KlCdtUCvqCvt58KyhwzzRIEMZOED1_HudCajzI77sVraNfAVnJD741McYleiNIxjw2HuA4Zs3peBi3TDwK1wA968fbeUHA7Qg6Lf6R0VbWiHNMNMSIwPRQsn80MsDxPHMRHSC4fi_johG9lddE4dPJ7W7HCosypJCTKHHm8LwNaJaRXyPHMggTKelfWugtesKRFiNboVCYHskASMCy4wb3QbnERiReHnHl9_7nzmoiRDN5O4L8C_t0wRlBDN21Iv_ZUg3kgwqEnu6LY2cdoKXAQL-clQMmyZZC_776I76mBY4sOu3X-b2DZ1_h1S3Tc5n--43ejbY1ph6QTeYHZcZwwATk3fbU7wOgBi6AB7Om75oBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQw74C0ggJCIDhgBAQARgfgAoByAsB2BMDiBQC0BUBgBcBshccChoIABIUcHViLTQ2NjM3NTM0Njc5OTk1OTQYAA&sigh=7Fh9IaplBC8&vt=1&template_id=484&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4663753467999594&output=html&h=200&slotname=2473774428&adk=4199536445&adf=946561708&pi=t.ma~as.2473774428&w=879&fwrn=4&lmt=1649087510&rafmt=11&psa=0&format=879x200&url=https%3A%2F%2Fwww.istoedinheiro.com.br%2Fhackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649087509709&bpp=2&bdt=568&idt=619&shv=r20220330&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da917899f5e8fac1e-22145a696ccd0008%3AT%3D1649087508%3AS%3DALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg&prev_fmts=0x0&nras=1&correlator=4328568371686&frm=20&pv=1&ga_vid=2055158830.1649087510&ga_sid=1649087510&ga_hid=813440825&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=541&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066008&oid=2&pvsid=2759338911394495&pem=891&tmod=678528451&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Nr6cGydeN0&p=https%3A//www.istoedinheiro.com.br&dtd=632
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:51:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ABBA 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA8m_xW2lmAhvfgF583pfB_3ZqvMVptFlCTy-p4J4HDbMMAklxPIn-IaRHYSmbXvu_cNNKmFrZautM3n0i0ti9S1JXDi9rB-JV7_oEyMUqdZ-qsMRpQisr-nJ9LXRPI3nyR4PxDmzqnxihNw&sai=AMfl-YThgrtwcuUvxH0b9wUCBwk5uFUpfRBSAhfUqqLV-eASdpBKE3il58U2g4zPeeWavcX2PfDN0cJlY85_c-cqvOvrb4AMxbcwUGx6Rp7bI0_uyUTsABDZpctcgYqa&sig=Cg0ArKJSzMsFoSnuhAaSEAE&cid=CAASF-Rohx_WCGcc7RdKJ8tMV2vsAS6dJuOW&id=lidar2&mcvt=1104&p=0,0,200,879&mtos=1104,1104,1104,1104,1104&tos=1104,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4199536445&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1649087510342&rpt=995&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/2.2.1/ 51 KB
16 KB 10ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront), 1.1 varnish
age: 1523653
x-amz-meta-mtime: 1542789750
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 15795
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 21 Nov 2018 08:42:31 GMT
server: AmazonS3
x-timer: S1649087511.492605,VS0,VE0
etag: "57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: 1iIjkCCvqugiylTxHkliY6Bpu-6EzXa_PyvmNpxn5dciIm3YW7IVYw==
x-cache-hits: 112109

GET
H2 200 st Show response
imprammp.taboola.com/ Frame A32D 0
58 B 21ms
20ms Document
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=47A803F22301739181650934658&cicmp=1337627&cijs=1&dast=V7Ur0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGrRbEAebGWWyGSx2m-ViNxtNBsvRZjdcwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7chBE2nw-e61-t-v7vSc_q7TE670eW0_O0av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BAMVhUJab63L6BwDAwwMIAIAARggA65yYCAAAAMAIAAAAAAmAQGJhCYDD3aIJAEDAX73RHscJAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDH0KwtsWnbbWwAUQFpESMAAACAbKDLhKNJnVBZVP3___9bAVwBAAT81RvtvWTdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANKElV4q0IJj6YTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAACHPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNrfQAwGA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnIIIvdXDaaK1aLuXKVAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 0
date: Mon, 04 Apr 2022 15:51:51 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
x-timer: S1649087512.520029,VS0,VE9

GET
H2 200 st Show response
imprammp.taboola.com/ Frame EFED 0
52 B 19ms
19ms Document
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=8DDD9543A5259959941359327716&cicmp=1337627&cijs=1&dast=V75VICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDgikZir0WbBmqyWy9VyuVksJovZbLgZDJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbQhB0-nwue71ut_vrvSc_i6T0250OS1_u8bvtkssfzkAAAAAPAAQtURD7Pg2tEcAAAAASPCMXCtQBFT8WwhcAAAAAGAAEIiFawBAcRiU5ea6nP4BAPDwAAIAIIARAsA6xyECAAAAMAIAAABAAiCQWFgC4HC3aAIAEPBXb5TndgIAAHBQJ_O0zfL___8fA5D33iQDQJG2cWPQA_DgA_AgBAAA8DHEKSgEfK9LM0tUsFfECAAAACAb6DLhaFInVBZV_____1YAVwAAAX_1RnrUWTcnxaxhAAAAAGML9LD4_WaHXeN3u-z_________3-z_DABNaMmVIi0Ipn5YjWfkWmHtFxAAgO3dAADeBOBiDsAOAAAA4O7___8_DwAAYGOPku21Gs8eZb3PYAuf091dvwlbjFaTyWY5nC0Xk8FwNByN9jcQg8EAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RAPqs6l83l1PjLIYjeXjeaK1WKuXCUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 0
date: Mon, 04 Apr 2022 15:51:51 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
x-timer: S1649087512.522063,VS0,VE8

GET
H2 200 st Show response
imprammp.taboola.com/ Frame D9A5 1 KB
703 B 19ms
18ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=undefined&cb=1649087512574&uv=3154&tms=1649087512574&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=70F8621DD239841061777935541&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Apr 2022 15:51:51 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
x-timer: S1649087512.547352,VS0,VE12

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 74F3 928 B
1013 B 60ms
17ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Apr 2022 15:51:51 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
678 B 130ms
124ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4906125&noaop=5&sortOrderType=0&cb=1649087512579&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1381&pt=-463882525&tz=0&viewable=true&ddast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1403775&dpubid=259775&abtst=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.istoedinheiro.com.br&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ee34ab7a922441254891e0f8491eced8c17fe9776959a654040cb93d8ff50e4

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
content-encoding: gzip
access-control-allow-origin: https://www.istoedinheiro.com.br
machineid: 1417
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
pragma: no-cache
server: nginx
x-timer: S1649087512.557476,VS0,VE118
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 87ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=31589837&cb=1649087512574&uv=3154&tms=1649087512574&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1649087508415.7!ts:1649087512574&mntl=1
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
content-length: 0
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21A9 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRwnbFRRLYrOGDsiMjuwPm5mGoAkAAAAAOAHgBAI&bg=!trWltfHNAAZku-1yRLs7ACkAdvg8WpU6i1hg9_QaP7bEghu0ZoMNl3SKueUJm0jeaaQOSEkw_VdAGwIAAASrUgAAAAJoAQeZAyciITO3xXUnTYCEFhlHWNOZ-ooLexwjNf90z29VDuFL7ouhDdXsX55CniuV3R1OeaGUQCYnYLG2vXzKesBeFzifwSFXd0gEdmqlUngKCnWtVjCjTgxPJYcbiZcTfjj0Z9Gzc8W11xloGtcvWN0lCqUOHIB7o_20z2sfWimKC7gABLLaZOY2Fuz8jcsqDCuMXEGsgbQ6kIgda1fg4Ougzz9ybmKAfGNd4YZHkpVYeoGMZoSZz7ueyWp5IFW94illh-MWORqNDkapbEbt7aiMd9Pg8kU9VdMgLK-zjmNnzSaV9uotMsZKdM7hZczqW6gcMtGssWQpJ8xe6vw8QbW-gkRzCLNKmSRyOdkFw_RqxUadXwNoM_9Gl8s-dzGAM0ccSmj2vjowY45LcYUtfeTY2DhZ4lDFBdFgKVE3lYxq1f45PS9c-VZcd35w5rU2ww5NfOfsuudKDoZ_DEmFZktOrCcm5QE1isIp-sQgkp_v9gtGyW6W0lrKLTgRSCJhC6Z6Zk7Yz_ZtQXkd9Ofdmt8ceCLRPd5knQjucy7HoBP5yAT9OTNLbRt-BAFtgfF5Ktt7r4hJyZlapIyfM3k5wnk5sXYhjK2t3euhektBibApGCZUSM_fm4HX9Vro5_uA7CCkfONRXdvkNk9PvMi6H2FZRf6-ZfW8wDkU2SoKhvKdBXm4omkp3ANuA2OeNjc232mK_MHeIgIHnHHWBXN2CvDUWCh5Sg3eHYsBhoiW42bSYooX4jDTOvztCU5MCHTjCXw8RYu_aYUHx3KpZ2a-sIldR0000IGfKfe5aU-ktKXrRLdoyEF3EqmmMksmkvWW60t2aMhEruS8D9VPwRAW4ceLXgBhInuwEDjKKczP33sgffMBrf17y1RYNOkfSeZaTAxNCvyLH8VhFTx7CDfGzOb5Qojj9x0lM2INxoFOhLbpFHkw8x7A2X8k7cmMaDyDLwGhMtkOogMQCFln_2hdAYYO3FVAWwN3532_yp7ZtQtQDNxSXpcQHnhC0hpF6zqiVNH7VYsf6kZLDNrFd0DDRl-sekk6HdaoGNMDSPJbNYa719v8QNjoYxF-ulw

Requested by

Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/editora3-istodinheiro/log/3/ 0
261 B 31ms
30ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editora3-istodinheiro/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 17
pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649087512.620078,VS0,VE17
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age: 2981570
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1649087512.629985,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits: 756990

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/31_5_4/infra/ 851 KB
143 KB 131ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/31_5_4/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0be15b0cb49be649284de924bc496fb7342860d87c22012d1358e73427fe35b6

Request headers

Referer: https://www.istoedinheiro.com.br/
Origin: https://www.istoedinheiro.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
age: 108255
x-amz-meta-mtime: 1648979119
x-cache: HIT
x-amz-meta-ctime: 1648979119
x-amz-meta-mode: 33188
content-encoding: br
content-length: 145919
x-amz-id-2: gcj01vgJI4SUq6e0jcmKtOxMb4zj4XlU0RwHmPUOjP9Ed8GAVckeacvhcM8vMu6A9MiGa7LFSig=
x-served-by: cache-hhn4051-HHN
accept-ranges: bytes
last-modified: Sun, 03 Apr 2022 09:45:20 GMT
server: AmazonS3-br
x-timer: S1649087512.851548,VS0,VE0
etag: "4ed6b6f8ac8ecc7baef338d857937284"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: TQ4JYGBBHWD67ZXF
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 28575

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_5_4/assets/css/ 63 KB
9 KB 7ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/31_5_4/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 06e0a71a1da9d62f20701a4b9554201fc679eda729f2a034537c621df66788a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
via: 1.1 varnish
age: 108257
x-amz-meta-mtime: 1648979136
x-cache: HIT
x-amz-meta-ctime: 1648979137
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8260
x-amz-id-2: W3GmmMNOb0UHQgx4fTCg9pZUNNTQIhMYP6dkuWd1sxGHZ1JDMleqq3vV+Psp2yfikcxuULxF1R8=
x-served-by: cache-hhn4083-HHN
accept-ranges: bytes
last-modified: Sun, 03 Apr 2022 09:45:38 GMT
server: AmazonS3-br
x-timer: S1649087512.728181,VS0,VE0
etag: "e08a907f4cec64befe9834e9f18d2253"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: D01E4RP6WZJNS3EZ
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 42297

GET
H2 206 rds8nlu9b8p4ixb9xp2j.mp4
cdn.taboola.com/libtrc/static/video/v1629117446/ 258 KB
258 KB 8ms
7ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1629117446/rds8nlu9b8p4ixb9xp2j.mp4
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 918e0d6d2ab201f321a6a30eb27828e624abd5947070d8116dbaa9441fcdbeec

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: us0I5BnLLNu1pGki7najrpsLfMkje_eP
via: 1.1 varnish
etag: "d7e101bd1670ce7219d51622a7d5ea7f"
age: 1
x-cache: HIT
Content-Range: bytes 0-264070/264071
x-amz-replication-status: COMPLETED
Content-Length: 264071
x-amz-id-2: v6h0m88F+vn8PU25GhUQ+nNmUX1SJfkxGFZlQrAqPHT/LQJY5Ciq9n8zNMwxZoxX/sK1c1RHOhc=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 16 Aug 2021 12:37:32 GMT
server: AmazonS3
x-timer: S1649087512.729171,VS0,VE1
date: Mon, 04 Apr 2022 15:51:51 GMT
x-amz-request-id: FHY54PNT8SKY9WVY
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 27
x-cache-hits: 0

GET
H2 206 bq5m1c0vruzmizf3hbrp.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1611591775/ 834 KB
835 KB 11ms
11ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1611591775/bq5m1c0vruzmizf3hbrp.mp4
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e237913b1e6991b63c32757eb8d68edf345e485832cc3711118ade6f042c22cc

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: R6vPpfrjCnhAVMYmB8pItxjQ0MoLZRiU
via: 1.1 varnish
etag: "7d2cb746f2a675a57d8b6adeaae94c42"
age: 115
x-cache: HIT
Content-Range: bytes 0-854407/854408
x-amz-replication-status: COMPLETED
Content-Length: 854408
x-amz-id-2: cjRwgr3dj3onuJ+NZ8aPI9sWsCbhI1QP2WfBPVzToiD1cKA+K3O9hxoZZ2VEWY4Xnm9+Y7Hs+Jk=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 25 Jan 2021 16:23:02 GMT
server: AmazonS3
x-timer: S1649087512.732076,VS0,VE1
date: Mon, 04 Apr 2022 15:51:51 GMT
x-amz-request-id: 9C4W1X8YB14XHNS1
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 27
x-cache-hits: 0

GET
H2 206 rds8nlu9b8p4ixb9xp2j.mp4
cdn.taboola.com/libtrc/static/video/v1629117446/ 240 KB
0 20ms
20ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1629117446/rds8nlu9b8p4ixb9xp2j.mp4
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: us0I5BnLLNu1pGki7najrpsLfMkje_eP
via: 1.1 varnish
etag: "d7e101bd1670ce7219d51622a7d5ea7f"
age: 1
x-cache: HIT
Content-Range: bytes 0-264070/264071
x-amz-replication-status: COMPLETED
Content-Length: 264071
x-amz-id-2: v6h0m88F+vn8PU25GhUQ+nNmUX1SJfkxGFZlQrAqPHT/LQJY5Ciq9n8zNMwxZoxX/sK1c1RHOhc=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 16 Aug 2021 12:37:32 GMT
server: AmazonS3
x-timer: S1649087512.733334,VS0,VE1
date: Mon, 04 Apr 2022 15:51:51 GMT
x-amz-request-id: FHY54PNT8SKY9WVY
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 27
x-cache-hits: 0

GET
H2 206 rds8nlu9b8p4ixb9xp2j.mp4
cdn.taboola.com/libtrc/static/video/v1629117446/ 258 KB
258 KB 26ms
25ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1629117446/rds8nlu9b8p4ixb9xp2j.mp4
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 918e0d6d2ab201f321a6a30eb27828e624abd5947070d8116dbaa9441fcdbeec

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: us0I5BnLLNu1pGki7najrpsLfMkje_eP
via: 1.1 varnish
etag: "d7e101bd1670ce7219d51622a7d5ea7f"
age: 1
x-cache: HIT
Content-Range: bytes 0-264070/264071
x-amz-replication-status: COMPLETED
Content-Length: 264071
x-amz-id-2: v6h0m88F+vn8PU25GhUQ+nNmUX1SJfkxGFZlQrAqPHT/LQJY5Ciq9n8zNMwxZoxX/sK1c1RHOhc=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 16 Aug 2021 12:37:32 GMT
server: AmazonS3
x-timer: S1649087512.734020,VS0,VE1
date: Mon, 04 Apr 2022 15:51:51 GMT
x-amz-request-id: FHY54PNT8SKY9WVY
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 27
x-cache-hits: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame D9A5 43 B
182 B 301ms
92ms Image
image/gif 2600:1f18:612b:4264:cf98:6d7b:6943:bef0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=undefined&cb=1649087512574&uv=3154&tms=1649087512574&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=70F8621DD239841061777935541&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cf98:6d7b:6943:bef0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D9A5 70 B
264 B 87ms
28ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=undefined&cb=1649087512574&uv=3154&tms=1649087512574&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=70F8621DD239841061777935541&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

400

partner
sync.search.spotxchange.com/ Frame D9A5
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...

0
0

14ms
14ms

Script
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=250ec2c5-b42f-11ec-a34b-1a404fd50506
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=undefined&cb=1649087512574&uv=3154&tms=1649087512574&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=70F8621DD239841061777935541&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-spotx-halt-type: Audience DSP sync endpoint GDPR opt out lookup failure, stopping.
Date: Mon, 04 Apr 2022 15:51:52 GMT
X-fe: 33
Connection: keep-alive
Content-Length: 0
Server: nginx
Content-Type: text/plain

Redirect headers

Date: Mon, 04 Apr 2022 15:51:51 GMT
Server: nginx
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=250ec2c5-b42f-11ec-a34b-1a404fd50506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 35
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame D9A5 43 B
220 B 325ms
8ms Image
image/gif 18.194.56.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=undefined&cb=1649087512574&uv=3154&tms=1649087512574&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=70F8621DD239841061777935541&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.56.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-56-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 15:51:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 74F3 70 B
265 B 72ms
27ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 74F3 43 B
183 B 284ms
92ms Image
image/gif 2600:1f18:612b:4264:cf98:6d7b:6943:bef0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cf98:6d7b:6943:bef0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 74F3
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=250efd13-b42f-11ec-8ca0-13b80d860206&orig=video&us_privacy=1---gdpr=1&

0
98 B

38ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=250efd13-b42f-11ec-8ca0-13b80d860206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22216

Redirect headers

Date: Mon, 04 Apr 2022 15:51:52 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=250efd13-b42f-11ec-8ca0-13b80d860206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 105
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 74F3 43 B
220 B 312ms
9ms Image
image/gif 18.194.56.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.56.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-56-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 15:51:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 74F3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7ws43W5E2uFtyuEu8pW9ceRLZb8XtpyEcVJ_cfY-~A

0
98 B

39ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7ws43W5E2uFtyuEu8pW9ceRLZb8XtpyEcVJ_cfY-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22216

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7ws43W5E2uFtyuEu8pW9ceRLZb8XtpyEcVJ_cfY-~A
date: Mon, 04 Apr 2022 15:51:52 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
BLOB 206
Partial Content 9e98159a-112e-4c80-925f-c057f2b2dc15
https://www.istoedinheiro.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.istoedinheiro.com.br/9e98159a-112e-4c80-925f-c057f2b2dc15
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 13699165-42b5-40b3-900a-b2e0db0c501d
https://www.istoedinheiro.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.istoedinheiro.com.br/13699165-42b5-40b3-900a-b2e0db0c501d
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 29ms
28ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 661
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6f6b35355fa20211-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 04 May 2022 15:51:51 GMT

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront), 1.1 varnish
age: 1524735
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn4083-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1649087512.009787,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: t1A-OC7FrDGZJC7Tp3c5Te6utmhBjz82_E5tKO0J_wHxk5doBZKsXQ==
x-cache-hits: 376620

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v13.8.1/ 556 KB
114 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.1/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: fd47fc220ea0b9a5923be38fc278321b9be6fbc021749dbe3e292ce7a8cad851

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
via: 1.1 varnish
age: 629400
x-amz-meta-mtime: 1648458062
x-cache: HIT
x-amz-meta-ctime: 1648458075
x-amz-meta-mode: 33188
content-encoding: br
content-length: 116583
x-amz-id-2: It41kTEhGq1pqBnYYrI1PkFm0a9O1U1nr1rvI0jzto5bZjKnlDz6jtVmg4qG6CvPvis84xSeBWc=
x-served-by: cache-hhn4083-HHN
accept-ranges: bytes
last-modified: Mon, 28 Mar 2022 09:01:16 GMT
server: AmazonS3-br
x-timer: S1649087512.035070,VS0,VE0
etag: "85ca89348560504d1f51de9fa0a39148"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: G2M6HB34G39HZ342
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 191236

GET
H2 200 sync Show response
am-match.taboola.com/ Frame F3FF 1 KB
1 KB 16ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 2cfe3860cbed1aadb7413754ecab66c5e58561a48cced4efa2f0a4a294cd39d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Apr 2022 15:51:52 GMT
machineid: 3401
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 309ms
307ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=31579697&cb=1649087513069&uv=3154&tms=1649087513069&su=3&abt=Noapp22_vA!adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
content-length: 0
server: nginx

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
702 B 7ms
7ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.istoedinheiro.com.br
URL: https://www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 2238
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1649087512.126813,VS0,VE0
date: Mon, 04 Apr 2022 15:51:52 GMT
x-amz-request-id: DM4PBFJ9QH08DD7N
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 27
x-cache-hits: 538

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame F3FF 43 B
182 B 95ms
92ms Image
image/gif 2600:1f18:612b:4264:cf98:6d7b:6943:bef0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cf98:6d7b:6943:bef0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F3FF 70 B
264 B 30ms
27ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame F3FF
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=250efd13-b42f-11ec-8ca0-13b80d860206&orig=video&us_privacy=1---gdpr=1&

0
98 B

14ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=250efd13-b42f-11ec-8ca0-13b80d860206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20134

Redirect headers

Date: Mon, 04 Apr 2022 15:51:52 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=250efd13-b42f-11ec-8ca0-13b80d860206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 29
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F3FF 43 B
220 B 25ms
8ms Image
image/gif 18.194.56.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.56.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-56-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 15:51:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 63E3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

50ms
13ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8108245&crid=4906125&dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&cmcv=&pix=undefined&cb=1649087512574&uv=3154&tms=1649087512574&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!Noapp22_vA!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=70F8621DD239841061777935541&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Apr 2022 15:51:52 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 04 Apr 2022 15:51:52 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/79d9049e-3bd8-484a-9d33-0d7d084775cf/ 184 B
578 B 338ms
321ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/79d9049e-3bd8-484a-9d33-0d7d084775cf/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696be6878444b9ff0e461f6c67384dd8446cd1bd72dd0aebfbc1631e05763553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 721d5bd1-3d18-4738-9877-51edadc4874d
x-runtime: 0.005708
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"696be6878444b9ff0e461f6c67384dd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6f6b35372afe0208-ZRH
access-control-allow-headers: SDK-Version

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7DA1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

28ms
13ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Apr 2022 15:51:52 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 04 Apr 2022 15:51:52 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 63E3 32 KB
10 KB 15ms
14ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 15:51:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18589
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9541
Expires: Mon, 04 Apr 2022 21:01:41 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7DA1 32 KB
10 KB 14ms
13ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 15:51:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18589
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9541
Expires: Mon, 04 Apr 2022 21:01:41 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 63E3 284 B
536 B 46ms
19ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7DA1 284 B
536 B 43ms
7ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 63E3 0
239 B 8ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 22ms
22ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032909&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa6d5ed8d089941768971b05ad138653621b009bcba6a4af8982d3a740c3eb47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10587
x-xss-protection: 0

GET
H2 200 eid-rollout.es5.js Show response
cdn.taboola.com/scripts/ 14 KB
5 KB 9ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid-rollout.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0b5da7e151ac3827a6b8f13fd19967fd4404ae45fa3eaca80adeabf35808c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: _3kB1btS4N2Of2NSlEyvmxn35ee.xcBj
content-encoding: gzip
etag: "4574ed3f43bc468d4dc39dc39e86297d"
age: 1777
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5298
x-amz-id-2: hzxiflm6ptN4V6lFNbBdNfdtwqA2niJsL1iFv1cDHXWf9TCi+JHSaatbrox/HsLAZgTC8exQ86A=
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 30 Mar 2022 21:04:13 GMT
server: AmazonS3
x-timer: S1649087512.380301,VS0,VE0
date: Mon, 04 Apr 2022 15:51:52 GMT
vary: Accept-Encoding
x-amz-request-id: PB8HR7TN0NW1RVBP
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 27
x-cache-hits: 3104

GET
H2 200 cds-pips-rollout.es5.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 9ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips-rollout.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: BTV2evWcXVfczKcSp81rg0LpzvWfqm4D
content-encoding: gzip
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
age: 1777
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 923
x-amz-id-2: ACL9N33bpjD46vz4rVGksH3J+z+hGeXX2ozX+8d5CnXyRqi5L+lgqGnGb+OESQJEXTyCeiehP3E=
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 30 Mar 2022 21:04:14 GMT
server: AmazonS3
x-timer: S1649087512.380388,VS0,VE0
date: Mon, 04 Apr 2022 15:51:52 GMT
vary: Accept-Encoding
x-amz-request-id: PB8WZE75G8VZTTWT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 27
x-cache-hits: 3214

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:51:52 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
128 B 7ms
6ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips-rollout.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn4051-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 291ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=b51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips-rollout.es5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Apr 2022 15:51:52 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 610F 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:35:14 GMT
expires: Tue, 04 Apr 2023 15:35:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6683 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87dbc7a9118728534ba33806259ba24f02157e51587546caeab573b21ceaf1c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-urfFYYoFjOWLe4D4W7L3Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-urfFYYoFjOWLe4D4W7L3Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:51:52 GMT
expires: Mon, 04 Apr 2022 15:51:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 610F 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 10:24:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6683 0
0 71ms
71ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032909&jk=2759338911394495&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 9f1f939c-50f8-4fc7-a573-991d4bf2bb52
img.onesignal.com/permanent/ 5 KB
5 KB 31ms
21ms Image
image/jpeg 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/permanent/9f1f939c-50f8-4fc7-a573-991d4bf2bb52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e20c08d12eaffb879bd2bba2bd4d202a858524ee589fc719f7f77c85c08a85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
cf-cache-status: HIT
age: 3541
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5237
x-amz-id-2: RuGUzB6FZ84LFz7p9ZwwhLTTzcVnILUqApY+3uYbbd4Rpj+PIim6on/yx1SxNrXwDLOD00Qdip4=
last-modified: Thu, 23 Sep 2021 14:42:55 GMT
server: cloudflare
etag: "0e88d68244e8f395c368dac986bc3402"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: T81GP9N4ZZMCPGVY
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6f6b35394ab901e3-ZRH
expires: Thu, 05 May 2022 15:51:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 610F 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tPVzaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:51:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032909&jk=2759338911394495&bg=!qqmlqe3NAAZku-1yRLs7ACkAdvg8Wgo_hiPbMLZPwSYdrjJ4Lk1YH9rXS_nONXaJS2LIF7-zTq0IZwIAAABsUgAAAARoAQeZAtX2w38Mxx5jYUKQPSL-MLmzM-CWrOofHS5bNTI2LCBc12S8ZLxL4liVEUw8O9yuAgNigb5Etre1zcu565NyRJEh5Y5q5_ZmC2zK3n2RLlBFU4ukHkRfCyvFD5HWeaBJe9oJfgY2ryBKPF22F-yyrisrj4gsKFjT6skT5jHam-Modtbno5tyKXBBMbzAad3siMNPv8_DEblkG6gDVVH8jAei0kVybQqt8aPklv_JPMZXwIAbab4ETXKJfKfZ6PU1eTz1YQgJkQAcbTZBzVuq1JLqpazBI9C3erUN27pX7XWPnI1JKzASeCXOHNtPrMh1fd3ugpb9_C1Ithn4OaQWCxYnrodV5yA1L5kbHqvYopj7GT9ZrRw8ksfTA3j2tTqf53JDBz3ebigO433RUB2M8UwMoqZQ-QFxHPEIqju3431_X1fweizQ1DanK9UPGfDNa3xmW0ZWgd7pJNP2X55mMxEZZ_fWOxklbgZoKzs18eXFg5S-N0-DeYUNiQULwK3UAPA9NTqW4hD2kOflx9ZU9QAwVOJmH6unFvCw4agb7IIj21o1RigVZ6YPX0kmCVgml1oh0mCZ5Nan80pTekqbD8KjQeIYkdetOHahLWi2tRrxkT7KggXqILn5p6lVAluV4SpaqfUCdeB4VkGUt86yLA6-sq8cVEpuaeSbFzOCTYZ2j3pqdk_LXV1mxNBIfSeloyQtqe7GqUJ0a0ffpffRpvT9guaWxLtrHaLsSWju0C8sTGnRD3Imn_xBfsEvODceQ333uDeTacLf4N1wAZ38LnH4USqxQD4QZAKq6ITkCUoRlmXWjhxJKs-putr5Y8BvACQTbzu-772buoDoPClBgLIJGGHK47HMh9DXI8muue3FBz8tsJRfkuyIC4uIr151IcChwXPnzavqBnxhSqeFM77XxGlCR1d7pFNCZQFluB2lXJx6Qq_R3NJYpSLvLcJfR3hoCG5EPg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 243ms
242ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4906125&noaop=5&sortOrderType=0&cb=1649087515447&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1381&pt=-1670846572&tz=0&viewable=true&ddast=V7Z6kCFgPgBktzLgKflgTgBktzLgKflgUAAAAGBvQHGzeYEWeTxYhE2SyHo8VgttjtdsvNajVaDEHjBjPibLIYkSib5XC0GKxWy8luMBnsdlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73gCHptPhc93rdb_fXek5_V0mp93oclr-do3fbZdY_kKHx-uyfN5Ku-1hcrndSrvn9PBZHm63yOVWu85Gl-UtcrnVfsvfrXIr7K67x-lwu2Uvu8nhFjwsD7fC6jo5LG_B5el2-OUAAAAA8ACgxN0I8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABYNCZowEAxWFQlpvrcvoHAMDDAwgAgAAGCcCA_W8JQMXa3wkAAAAAAAAAAMv___9_DMAebrUMQIZlbg_Agw_AA1EBcxEjAAAAgGygy4SjSZ1QWVQBABCkWwFcAQAE_NUb3fmFAQAABIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oSVXirQgmPphtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarU4jdcLbYjQaj0ewAAAAA7v7____1QHBlscw8ruVgtDB5fDOTaTNbLSY242I5sw0XG8P2OtmLm1wdMKv6QoRl9vsOCsrp6TG7DKKi622xO5xmz0F80DAsJ4NgfhO2GK0mk81yOFsuJoPhaDga7W8gBoMBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHCiGsxMsx2E7dk5HK5RSvHai1xDmduiWE2c652k-FkuXCLXh_TczRaLperKR7Mx-Xc1y5cFAww24vgIp2oTE7T3_LwrJWe09_ktBtdTsvfIpZoThbpRHbZF1cWy8zjWg5GC5PHNzOZNrPVYmIzLpYz23CxMewrrsXIMNtN3JKRy-UWrRyrtcQ5nLklhtnMudpNhpPlwi16fUzP0Wi5XK72jdloORjuVoPlvjEbLQfD3Wqw3HfoDN_V52wUbrMaj8qbvR2Wf5n5oHAZLN6fxLSYdmcH1e93dAo9xmRRZzT-vEevQeE5eEzTck_7OHZDhuHwoHAcDIpYIjhdpBPRy3i6iCWSp0U60ThWM5Np5vKsRsbBaGPxrHyDycS42ExmLuNitpmIJUrTRTrRCx0er8vyeSvttofJ5XYr7Z7Tw2d5uN0il1vtOhtdlrfI5Vb7LX-3yq2wu-4ep8Ptlr3sJodb8LA83Aqr6-SwvAWXp9thUf-RQRa7uWw0V6wWc-UqAQAAAAAAAAAsYc68CQAAAMBpIKvlbrdaLkCE1KkuMAgAAAAAAEBx48cVZXKa_paHZ630nP4mp93oclr-VgaIkCpl3uyZINZqtawBAAAEsAEAAAK4dfMWoCLJAQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1403775&dpubid=259775&abtst=Noapp22_vA!adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl106134-509_vB!scec9_vB!spa2_vB!t45!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.istoedinheiro.com.br&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.1/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2dcb6b256a91fb8bc15f001dab21d866f4915b01fde053986e47f0eb923fbbdb

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 04 Apr 2022 15:51:54 GMT
content-encoding: gzip
access-control-allow-origin: https://www.istoedinheiro.com.br
machineid: 1427
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4083-HHN
pragma: no-cache
server: nginx
x-timer: S1649087514.421276,VS0,VE232
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://www8.smartadserver.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ac Show response
www8.smartadserver.com/
Redirect Chain

https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649087515700&pgDomain=www.istoedinheiro.com.br&vpw=700&vph=393&gd...
https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649087515700&pgDomain=www.istoedinheiro.com.br&vpw=700&vph=393&gd...

129 B
536 B

99ms
98ms

XHR
text/xml

185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649087515700&pgDomain=www.istoedinheiro.com.br&vpw=700&vph=393&gdpr=1&gdpr_consent=&schain=1.0%2C1!taboola.com%2C1135271%2C1%2C-1865687733%2Ceditora3-istodinheiro%2Cistoedinheiro.com.br&us_privacy=1---&cklb=1
Protocol: HTTP/1.1
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.istoedinheiro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:54 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.istoedinheiro.com.br
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:51:54 GMT
access-control-allow-origin: https://www.istoedinheiro.com.br
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649087515700&pgDomain=www.istoedinheiro.com.br&vpw=700&vph=393&gdpr=1&gdpr_consent=&schain=1.0%2C1!taboola.com%2C1135271%2C1%2C-1865687733%2Ceditora3-istodinheiro%2Cistoedinheiro.com.br&us_privacy=1---&cklb=1
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
126 B 16ms
15ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.istoedinheiro.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.istoedinheiro.com.br
date: Mon, 04 Apr 2022 15:51:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHq6G3EwE3OH6Jq7XqroWkk&google_cver=1&google_push=AYg5qPIHpUAmY4u1OLxZIRu2BEWPEZZ5m91fQtdeU56YZpL8R1AulDGrloWG_9mU3wWUGOEDjqZXPz_gn5-cnj-K2YKyDrkaM7S-

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHq6G3EwE3OH6Jq7XqroWkk&google_cver=1&google_push=AYg5qPKal5QAsESA-mDbSo90uzJoQyFE8KaSoQl7C2-T8kqjnb51lvZhTB8nhz8TPh_lctn59nHNDk37g--jycG6PYQqX1rpz8bX

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg

Verdicts & Comments Add Verdict or Comment

401 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 19:21:35	Name: UID Value: 1208997950cb08f7d0a2cdd1649087508
.istoedinheiro.com.br/	1970-01-20 19:35:59	Name: _ga Value: GA1.3.2055158830.1649087510
.istoedinheiro.com.br/	1970-01-20 02:06:13	Name: _gid Value: GA1.3.2036373861.1649087510
.istoedinheiro.com.br/	1970-01-20 02:04:47	Name: _gat Value: 1
.istoedinheiro.com.br/	1970-01-20 02:04:47	Name: _gat_rede Value: 1
www.istoedinheiro.com.br/	1970-01-20 11:33:35	Name: __atuvc Value: 1%7C14
www.istoedinheiro.com.br/	1970-01-20 02:04:49	Name: __atuvs Value: 624b1415a0b37534000
www.istoedinheiro.com.br/	1970-01-20 02:04:49	Name: lux_uid Value: 164908751007580500
www.istoedinheiro.com.br/	1970-01-20 10:50:23	Name: nvRefUUID Value: 711a4b32-4ba7-4d8f-bb4b-15a69c3cc3bf
www.istoedinheiro.com.br/	1970-01-20 10:50:23	Name: nvUUID Value: 711a4b32-4ba7-4d8f-bb4b-15a69c3cc3bf
.istoedinheiro.com.br/	1970-01-20 04:14:23	Name: _fbp Value: fb.2.1649087510178.383140550
.doubleclick.net/	1970-01-20 11:26:23	Name: IDE Value: AHWqTUlaWa6wNf3vXkARaKcsr2QqTxtUKuroBD1C9QLMfP8K5Sej3ddxuUFOttss0mw
.facebook.com/	1970-01-20 04:14:23	Name: fr Value: 0yLavbrjXg1oStj8C..BiSxQV...1.0.BiSxQV.
.addthis.com/	1970-01-20 11:33:35	Name: uvc Value: 1%7C14
.istoedinheiro.com.br/	1970-01-20 11:26:23	Name: __gads Value: ID=a917899f5e8fac1e-22145a696ccd0008:T=1649087508:S=ALNI_Mb7Rl4z0gjt3gosbnfH2tBdUlK4mg
.casalemedia.com/	1970-01-20 10:50:23	Name: CMID Value: YksUFZ5gaUOHZO5nt7rV.wAA
.casalemedia.com/	1970-01-20 04:14:23	Name: CMPS Value: 5203
.addthis.com/	1970-01-20 11:33:35	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
.adnxs.com/	1970-01-20 04:14:23	Name: uuid2 Value: 378545223002341969
.casalemedia.com/	1970-01-20 04:14:23	Name: CMPRO Value: 1215
.casalemedia.com/	1970-01-20 10:50:23	Name: CMRUM3 Value: 2d624b14152760CAESEMCFvUvcQFoYlkKtYGVCdhQ
.quantserve.com/	1970-01-20 11:35:01	Name: mc Value: 624b1415-8c4ee-6df6c-ed327
cdn.firstimpression.io/	1969-12-31 23:59:59	Name: OAID Value: GDPR
.adnxs.com/	1970-01-20 04:14:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVQdQto*!]tbPl1M>e)ZlrFUfJ+tGXxpGD>6NsaVH>F<r_PKI6dh+Rh1RqX^X'qGJ9?]3If)y3KL9D3I?+1gs`Tg
.istoedinheiro.com.br/	1970-01-20 10:50:23	Name: _hjSessionUser_2306807 Value: eyJpZCI6ImI4NzY0MWQ0LTRiZjEtNTA4MC05YTljLTRhMGEwMWY3YjM0OCIsImNyZWF0ZWQiOjE2NDkwODc1MTAxNTAsImV4aXN0aW5nIjpmYWxzZX0=
.istoedinheiro.com.br/	1970-01-20 02:04:49	Name: _hjFirstSeen Value: 1
.istoedinheiro.com.br/	1970-01-20 02:04:49	Name: _hjSession_2306807 Value: eyJpZCI6IjUzNmZkZjExLWZjOTUtNGM0ZS1iN2I5LTQwN2JlNDIxMDIzMSIsImNyZWF0ZWQiOjE2NDkwODc1MTA2MzUsImluU2FtcGxlIjpmYWxzZX0=
.istoedinheiro.com.br/	1970-01-20 02:04:49	Name: _hjAbsoluteSessionInProgress Value: 0
www.istoedinheiro.com.br/	1970-01-20 02:04:49	Name: _tb_sess_r Value:
www.istoedinheiro.com.br/	1970-01-20 02:04:49	Name: _tb_t_ppg Value: https%3A//www.istoedinheiro.com.br/hackers-invadem-instagram-de-mulher-de-moro-e-anunciam-venda-para-ajudar-prima/
.istoedinheiro.com.br/	1970-01-20 11:29:16	Name: __qca Value: P0-1736520355-1649087510590
.quantserve.com/	1970-01-20 04:14:23	Name: d Value: EFQBCQHpJYEA
.agkn.com/	1970-01-20 10:50:23	Name: ab Value: 0001%3A6BnaztaVu6mWsyiuB9Ijxp2s6p66m8ti
www.istoedinheiro.com.br/	1970-01-20 10:50:23	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Db51d067b-2dee-4e15-b98f-b06f9572829a-tuct9449995
.innovid.com/	1970-01-20 04:14:23	Name: uuid Value: 7a24810d-1d04-40a3-9522-c8fe3bef43de-20220404 11:51:50
.e.dlx.addthis.com/	1970-01-20 11:35:01	Name: na_tc Value: Y
.rlcdn.com/	1970-01-20 03:31:11	Name: pxrc Value: CJaorJIGEgUI6AcQABIGCOndKhAA
.addthis.com/	1970-01-20 11:35:01	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 02:47:59	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 02:47:59	Name: na_sr Value: 20220404
.dlx.addthis.com/	1970-01-20 02:04:47	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 02:47:59	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 11:35:01	Name: na_id Value: 2022040415515000020425269250
.addthis.com/	1970-01-20 11:35:01	Name: uid Value: 624b14165f24daa9
.addthis.com/	1970-01-20 11:35:01	Name: ouid Value: 624b141600015230cd48ee1963142ef1de1ff57d1cbbabc02994
.pubmatic.com/	1970-01-20 02:06:13	Name: KTPCACOOKIE Value: YES
.mookie1.com/	1970-01-20 11:33:35	Name: id Value: 10597814350721452223
.mookie1.com/	1970-01-20 11:33:35	Name: mdata Value: 1\|10597814350721452223\|1649087510956
.mookie1.com/	1970-01-20 11:33:35	Name: ov Value: c777c847f2d0257903493134b2d53c74
.pubmatic.com/	1970-01-20 04:14:23	Name: KADUSERCOOKIE Value: 50279FC7-EA98-430C-8B05-4F7A4047EF49
.agkn.com/	1970-01-20 10:50:23	Name: u Value: C\|0CEAp3dCWKd3QlwAAAAACAQ13AQGAAQpAAAAAAA
.rlcdn.com/	1970-01-20 10:50:23	Name: rlas3 Value: CT0uYzpNLT15G6NRwnLmJbK41AIG/ZCu+ffpWOnnSIY=
.casalemedia.com/	1970-01-20 02:06:13	Name: CMST Value: YksUFWJLFBcA
.yahoo.com/	1970-01-20 10:50:45	Name: A3 Value: d=AQABBBcUS2ICEMjUIv6jJwsjPO2jelyGDPcFEgEBAQFlTGJUYgAAAAAA_eMAAA&S=AQAAAgavmekW0bPIHquJXaQQA94
.spotxchange.com/	1970-01-20 10:50:27	Name: audience Value: 250efd13-b42f-11ec-8ca0-13b80d860206
.analytics.yahoo.com/	1970-01-20 10:50:23	Name: IDSYNC Value: 195y~2453

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js?cb=31066038, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHq6G3EwE3OH6Jq7XqroWkk&google_cver=1&google_push=AYg5qPIHpUAmY4u1OLxZIRu2BEWPEZZ5m91fQtdeU56YZpL8R1AulDGrloWG_9mU3wWUGOEDjqZXPz_gn5-cnj-K2YKyDrkaM7S- Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHq6G3EwE3OH6Jq7XqroWkk&google_cver=1&google_push=AYg5qPKal5QAsESA-mDbSo90uzJoQyFE8KaSoQl7C2-T8kqjnb51lvZhTB8nhz8TPh_lctn59nHNDk37g--jycG6PYQqX1rpz8bX Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_cver=1&google_push=AYg5qPI6zCEeW89O3HHzstcok3Ze1HDInzDgzJNajEnd79eiblGSdODuAbLxBZYhfkjTF42IFlY63n2cACCcVUhsEY1JEM8RMw&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=250ec2c5-b42f-11ec-a34b-1a404fd50506 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPJt4aeJqqLfnfLDGrNIZDgzYwy7VMfvmpA-0pNGFJMC5SrgKmmzOxC59-mYcfiNaFU6l_-japKCnSM2-fUbf0lGC3mYiSk&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_push=AYg5qPLuja-VmKGlZRy0not_z9XZqj7sI3Y4iZsdLjW3whws8vPLsoPw2pXbtBdrVZqPvcUF4-N1Fxq3mKINzDYGKHBF2NeAQQE&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YksUFZ5gaUOHZO5nt7rV-wAABL8AAAAB&google_gid=CAESEBzvTnWNPC3TdWFBX-538HY&google_cver=1&google_push=AYg5qPK9KXdstxpRRlj-1ZRH3ILEWZ5wcK4Z14TZctPhNd-dsX2lNhyyf9KMKT5U053J1miC6cblBnpgUVpsp4mLy7Y09SdQCg Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api-public.addthis.com
api.grumft.com
c.amazon-adsystem.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.firstimpression.io
cdn.jsdelivr.net
cdn.onesignal.com
cdn.speedcurve.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
d.agkn.com
da2546c6ba479d4f79ca317312ec06f4.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
images.taboola.com
img.onesignal.com
imprammp.taboola.com
m.addthis.com
match.adsrvr.org
nave.foone.com.br
odr.mookie1.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pix.eu.criteo.net
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.openx.net
rules.quantcount.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
sync.taboola.com
taboola-supply-partners.tremorhub.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
v1.addthisedge.com
vars.hotjar.com
vidstat.taboola.com
webservices.webspectator.com
wf.taboola.com
wfpscripts.webspectator.com
widget.perfectmarket.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.istoedinheiro.com.br
www8.smartadserver.com
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
googlecm.hit.gemius.pl
s7.addthis.com
104.111.215.191
104.75.88.126
108.156.255.177
108.157.4.15
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.226
142.250.185.66
142.250.74.198
143.204.215.118
151.101.1.44
151.101.193.44
151.101.2.217
151.101.65.44
178.250.0.139
178.250.2.148
178.250.2.150
18.156.0.31
18.194.56.109
18.66.248.121
185.64.190.78
185.86.137.32
185.94.180.125
192.95.31.56
23.205.235.133
23.35.228.247
23.35.229.151
23.35.229.86
2600:1f18:612b:4264:cf98:6d7b:6943:bef0
2600:9000:206f:ec00:6:44e3:f8c0:93a1
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6812:e134
2606:4700::6812:e234
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:801::2003
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9c
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2
34.149.44.99
34.192.67.210
35.190.90.30
35.227.252.103
35.244.174.68
37.252.173.38
52.1.252.251
52.215.248.120
52.223.40.198
52.29.167.104
54.205.191.18
65.9.66.123
69.173.144.139
69.173.144.165
96.16.141.156
99.86.7.129
99.86.7.26
99.86.7.88
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e20c08d12eaffb879bd2bba2bd4d202a858524ee589fc719f7f77c85c08a85
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05dbe6e1621ffd554b4e423f5bb857965c36a5d8583dd44f4f4a5b9f069d788a
05e9b8e1c8204f72012ca7c6b1365311e1d7bb24e4893b529f2e05faa116678c
06e0a71a1da9d62f20701a4b9554201fc679eda729f2a034537c621df66788a1
07f692b52a6c486699cfb1148d24b36ca2726246b85fe13e1dba3ba6034d2dde
090d9ca4ccb235d89337757306fbf9411aeba65a5bd7c72bc8080d955ef0b15e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a6b16cf8627f4330a8c1015ce34b308bf787d50d9197582121fb5ac788c843d
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be15b0cb49be649284de924bc496fb7342860d87c22012d1358e73427fe35b6
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201
0cdfb673acd5fb8c2b4d7e9f2f128ec08d6b43ea824103e3f31e23625980ee5c
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11992f506398f0ce551a82f7591c0448de7de4b0a84a1fdef72131fd756710ff
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13f8188a240dd4652cfa5ed265f2fe15b36ef6c1fafbe8fb07b930f06c89fcff
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1478f042e2da781138cd0286ba1ce5d5ffcdf5905879c58433fb4dd8e9c2e743
1d31326f7496dae795cedf9b5a790258d01f9255a75e854d9b29c71dc91fe4c0
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e815b0a4c219f8e457f46a5db404aed34b302b0b335b54db07f01507a2908b6
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
24306838b9032f297d749706c5a21d08929f52dba0d2ad351416b231e6569bdb
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29821da70acbfa2c125e281dde92274b9bae08f9138f773d8e359e3c3117f109
2991b4dc0d8ed74dd582f58f32b5984a0e32cf0b749a3d4514a10cb9604f54b6
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2cfe3860cbed1aadb7413754ecab66c5e58561a48cced4efa2f0a4a294cd39d1
2db274afec131333daac4f668c479d1085cec935a012f715c8cc3466e4faeab7
2dcb6b256a91fb8bc15f001dab21d866f4915b01fde053986e47f0eb923fbbdb
2e6ee80586d5bb6c4ed6514a09597becaddb44a0d1e18231117a8c7dd0735dd1
2e8fd4a2cb108ba6a782617751572c13b76ce4e46331a4c6be27c2c3774af772
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
301e5a2c1745830292f25ccf6e91ef3e87cb8defe5358284d15db503624c9f2c
31795ad93b347a22681c91b4db1dc93fcaccd687aae124dcea03f344c2167141
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33cdf2124853e3b8246135daaca7ff16fe85f80a07d86e32fd0a97e59b12f7f0
34195593868a1ee752ed21ccb4c75676481a47dbbf5e583464e106f87079b8d2
3505ce10d6a932d3d41af5638324ac77b29f688fa590eddb42d0d8840f639461
360a6ebb9fd281edf03e8bd509e1184f153b2638eac178c96bcf337344f6fa4f
39aadaa6a1ef0a579c0f8185e425ef799c1d9340b01922a0864c6da88a997f82
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a230409f63d543757a853180d5032e1ed59f3e515c9eb286cb65786e9c753a9
3ded89eba7f3c78bc7257e0653550c7d7ba53148cb9083a9d0dabbbbdf9e384f
3e0883088748759001d4eb553095b01f86bc875d6eb1db1d244efe21596518b6
3ee34ab7a922441254891e0f8491eced8c17fe9776959a654040cb93d8ff50e4
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e7e6169c21fb0209d88962adb314cb48e55d77dad4490d69394865e379bcf8
41ce4cc74582de929a55e49d724a6176a627842abc8da4034061f96ad37e6a51
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e0467656e99238bd0547e5bdaac626664183d1f53903117e83dbfb2a45a87
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4902e2c5bccb527d68db3658489658ce9aa731e76e54269a91efb2856db12854
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a0b5a08fb411988634612c09da0338757a1367628929cbea2dd65de0deb8901
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7034601d7f877d8ffb60c0a24ca7062a292e836250c29628abe0face35da71
4c16949f9e7ef14ed42ab072cf4dc4177c79c2f56a0cde4c89c5866dc37902cb
4de3908746383939025bbea5847e9752c3cfcc44420525a29862361743d9f77a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0c803725f13dfe7d635195de2634bc200b7340694a846e95912e05347de4ec
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513db1539e2636a80095ea5400aba7f55aa44b4d78eb0440cc87b6d693cf6090
5300748c406275dc33742fe2d327570abbab4217b896fcbe8ed3fca020c16a79
5370c8f238d0ae8b1400cff5df17563faca18ebfc2372d0948e20087984e2d19
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579eec9d4d8247e0daea62bc5f444339d5a4c5e498359074c7def6d0cc0c62fc
5821bdf832e92c756801a26a3afb345955fe3e32d130136d93ada2b235a10d67
593a7d1182ada5a65fba49579dbc554fc1b27cf7eb834c2e4e7c7e0b54d07a17
5a04f41bf2cfcb30941b315ee4d5c39a4c8a334a13d0e4110892a49cf64a398d
5a1d93588dd5205742c81b1447bd8817ade359dad14d7ce84ce80a6aacd41ce0
5b2ac85f4eb5faa213f86b310f792f555a284ab715127f3949ea32a6561c4dad
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5cef94772467bcd1ded662ecfa0552e6c0bb0d3e4a0e8dfdb944f4099578991f
5d0f3e571238268e935dcc48a08ea56445b13db9f91ec7733b92d36287b15141
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e6dd2ae396e969789bc33c4f36a6aea01d2fc77b39b568f40ce9f7709fa7ed1
5f7497b857fe22b466f5f015063fe59cf28a7b9aa8ab6c5427d01b15c93d9382
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6016927154af8cf7541d5f21b44c093cb1309e48011c9efedc47c09e64043429
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
65c3c31e58326021af4f383d426a9a82f1dede9883ea22ded0059c05a29757cd
667e23f6656072e49e950423f65e926e5df1c90bffee2d980226d702d745ff14
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68547c67786349ec35644905bea85f9eaa5177f1d762b4aa8b111868ea91e6a3
696be6878444b9ff0e461f6c67384dd8446cd1bd72dd0aebfbc1631e05763553
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb35f7588c16390c3693092c2bb50a0b8f78f85462220811f6197df99a02341
6d2c88d7b8364da624551c4b898778538b8020b501bd56717773d7a1d18f6d1e
6d8428de5aa9510c3bfc13b190b025d8db90d0ce20bc4f6e4b63b10c3debf968
6edde27699666da21bef3ca8658fa1853296f52c0356ae00e7d02130610b60db
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
7113c726067335f79f109856070c2b74a706f1cb968fd30b6a8d9c790f8fe3c4
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
751e3b159a6a915733fba0050df55cef2c9da43e79397b02d66b182f6897d0b3
75424d72395f6c3091d4dd5f97d24cc96988358b1b0664f55ea6e7e7b7ea21a3
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bf1c1ac131e1295d78abe87ccd18d5deb7a85a8dce6b79c2fece1b709103892
7d788dd4a4b0613d5b286dcb77eb8b9e1cfcfb361e1481088c18eca78e82683e
7eb91b9a29d0b3a6ed8a1145f760a058137738126e1c9554c28dd3549a91d946
7f223ac2cab7bd90937d7e7d08ea11ae003dc6c45b0d8c2d10a145d894d71ce9
80eef32e2c852c478d5f3486e16b77c945b7c6d44a0447e6e15d9574e582d7a6
81a6ad3945697de59e54042b4103890a4243cba1d04b17e55bf8804c9ca329f4
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
82511ed160733023004690d3b634d2c2fec8989f057357703bb48a60093637d3
82e9c8522242fe5247600454aa211a3e1007237c6330a7dba9418ab4e425c1df
84ac5e66de0d66384188d56ac5c8a7b2e50f42535c331a542a930fe0bd24ae8a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d7b0b7c564c527c834963e7bdabef36438c705da80c629e5a30115b992d9cd
87dbc7a9118728534ba33806259ba24f02157e51587546caeab573b21ceaf1c8
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88bcdb616584496c912491508115d321e4b5fc1a5b73fc028adb5ad9c5d9299a
89619d4bdefe80961262461b5ad72375c5bb5435094ef68d49523e90fa666767
8bf71f112d2fef1fac7f1d4dce9090b4722d96a5bdd5ef7c2cb8cbd8263c5493
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b
8db980d4051813f15c254961f906f82c8c6f504a474bb8c1f231699500d8fde5
8e54e1898e07a5e977ce304b2f937c457c966846998c86bc75227fd5328d5c38
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f3024ab38f1a6d05d03b13c7720762e3332fe371bbc6f3252f36ad2b987f5b5
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90519fd7ebabab466f1d113002135cbd29f89ed50dcfd7bd6a4e76b70e4e06a4
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
918e0d6d2ab201f321a6a30eb27828e624abd5947070d8116dbaa9441fcdbeec
92735b43f554eb401dad2964ee21fcd5f3c0d95a80cb06af94fe9804115abc9b
9389cc68a3faba34447c2b2ac49d9fa18c42f484e98c9b243e56d22aa78664b8
93e02281cc945565d959f6f0402da45e4ffb5bf120a43c57e7ad8bf6c57081a8
96af03461ebe42d29a8796d059f22b5646737955e9bb326976be236bcd218d6e
98252c1da475545dcd46bbd6f04292ec09bf843b73074ea7de3efd05dd39ce5b
9860c4b880e40fd9425f7fc3c39598fc1d636025538057831a7211322ef8bf9d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2cd57fc33e43d8a3b951095eee1988fbe9ade5603046cff11a378f7460d85e
9c7559fb0131373d051d9a3832775a88e60e9fb8c1dd1d2b574e60c6f7c3ab64
9c79974c085d3ad8ad9dccd708d69f23e6932983b4fd3be6180e4c6d1a6ac709
9e246af5bc653ef7381c867ed45a030c24b8d1d894f10b0662c0c6eec7a9e113
9f4058e71b4a9342a5d48f5ceb3a676c21d65ceab7812cf54531171e8813d56a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e8dc7b324fb8411e9288f0d699d75d26c81e3836ff498ba1a0129d6a7f6622
a2306dd0d910337be70c4ab0b8a5b51861b0e018c1a7025dcabebb275272711c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f52e1684a0166feef0d4d49b3e23e9216dc0f7c5864c5e4a8be39e3199e734
a5fd82daf97e4f74d94c92d2e8556e73c891c480401bbb1ce29d5b02b381c9b2
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d
a9895cc9118db5b2abff67568adbb82d327bc6c0fcff41c3787ed2fef2b2c37e
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
aa23de7db2a0bf8b9d8acec22eb3ddd1cbe43761edf1b2607888393ae6267be1
aa6d5ed8d089941768971b05ad138653621b009bcba6a4af8982d3a740c3eb47
ab673fabe7104b122c5a975ec35f9a34aabfd7b81d4a2582cd1d6d4a80b73da2
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
abe061629ba1d65119146172805f73b0d9471bc26b2bd7112545e4a40e902047
abfb1f15c2cb3df79d00d5c685c6840b8f5c91ecebb41650eacb4611aeff6071
ac7eef38c799023bcf8ce6e4b078c64a70a8470dd98bd32d47ee30b62c1a3e5a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acfb9048c8ab5dbc820a24b8140dba60cc224feda9c08cb1f95f1b0d8087b53e
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0b5da7e151ac3827a6b8f13fd19967fd4404ae45fa3eaca80adeabf35808c9b
b0f391ab75cba9d5aa613d22978356c35d3969320065331fa8360e72506811c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e75238f4726e01330f4fd81713ae7672c11987bed1d52d6ed0897472ee261
b3ef825d7018d8542e0135ca586cf15d9a94a4cfe9fdda243e5b82e89f0b53e9
b4d587cecda63acc6a4c5574619791f557d0b59e0676453fbba7b347e0bc4bd4
b5a3defdc60c4e35f6cd61faae72dbd83e8e0acc350484f0fa678b5774ec040d
b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
ba6c0bee6c2e1bbf83c3e13d6c46152385ef5e07d103f38cc42c18df0f705738
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
bb192872e10b92729070c08bbdf96b106f0a0cfed6fb3ab99f5668b1c5250877
bc836f8f65981677bee87dd91f1eaa28be0b1bfe9c97e391e380456f8050d13b
bd8ef978874f98a40580450028661a8f8702d0ff278963908ecaa5f159dd9622
c11e106a5e58ce060b11ae2ec07c20c452089aa0ae693d50fddd389c739657b8
c232fb3d5065a0dd42ca838a45abc9bc892d285ad40deb18c1119ce01040a425
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c48af1698e6e13a34a137eb360a3e7d0937ba31bd0332eee8af2b2972b49dd49
c57a2bac19109ec4d3423b85dd7102e7b9eb641dd229dd53b8956465ded5bc12
c686eb65c61f1f16573d3ae0486463dc7f1a9b6e9d383e737a23392b940e5ae3
c7c18cffd1df01c555cb31fd251afd0d5849aaa5fc43818e840e23d6b69f22e0
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cacdec72c24a64eb8ce0833608a5e365edf047a01ee503629b2b8052bd61fde7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1e0f6bc2483746c6de40855f5d063a9db8071b026da06f68606b514ac2126e
cf58112083b79db5ea2c10ca707a3fff061520c1b881d0ef3748fc1a02f93114
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d19859bbc62b4768c57823cbeaa99a26b9d71eb0deda9ea6d7c36ff56f0fff50
d1c9e3ef3236ae98db96a00c1d89a7f94d3978b6d31a5000b3fe5fec36f31975
d2132330b6e45f8536ab57f420dbbc4ee3cbe181f042a1c3ca97eb6802fc5684
d3075f5f3f887fb74f408b00dcf064416aa12c5b02ca0767f97860d837dcada8
d4ec022c2648a7848252a483514ddbb21a67533a48a605a305a22d279effd320
d57d2c3c3571a5eacb4df5e9d2292fb9bee14873b2387bd11e7d9b11d2f0df89
d58fe9f071b6e66f2ff69371f76ac7a3733724bc34ba728369e6e114746ab081
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d5a87c72dd08ba147383779f1230ff635da77f93883fc402a9ab31a66b9b4970
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d99d7df133f73be15d3b3870125a0ceda6def30beead06e92081f53ab6f11aa1
da2fd2865eeb44850745ccca3d20a81e20150a79abb4ec241c750851d7cee264
da33e0480015a2c97b41a84727b8acc00d8154e24e6b4dca86eded18eeaf140b
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
db94e60ca2ce3648b7cba2149abf8ae04a6f7d22db61b73ba838f58bffac0816
dbb18c61181463be23ca920f9859552dcfeb7d7e1024603f5a882ab2ff29ed66
ddf9a311a472730fa4dc7d178506179fe3659b8248d5ef17089dba880446f3f2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e237913b1e6991b63c32757eb8d68edf345e485832cc3711118ade6f042c22cc
e2aa0c7854e40d3c98add7b233c695057fc70b36f05bd41e23a9f00275061bd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45d7c1768e0495a3588b75fe0afcdd68a6bce4535c0fd1383aa95dc3670132e
e58d6d065aba91b5dcc9a98dfcf0bd3d4c2742df9e1d0ad5b3244a9f8df25f63
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e75d7edc410eab9c5ff0e0d8fe8d3f8ac25ff47fe0736e7ba765108053c7c360
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7
e978ea2824995c6a8d0ffee5d27fb5ffff33939892c26e450bf24cd71ecbc35a
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed9caf62bfd76fd2174b4f5e6c3b0464027bb82609938096dbc00076dcb1d42c
ee9e4801b59e857d414e8d0de4100ff9fbfdd80d2917f4cf3f4a4a9dabc71e04
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47
f2d9df067dcac0d445c2c4c6707a377c24d46fcbe0e09b0f23667abbee6bed75
f33e91141973720bf0835ccb12dbedfa345dd8de06835f346afc6613752a8e11
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5cd8d23da3756425b432e78ca2ec40cef5eb92d1789d5dc7de97d9d9ffdf70d
f5f90e71fcfbecb85bd54fc723b32cab2e634ee9fa76e29e0652a924bc6ae7af
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f83800ec0ec11bb606f34151c2c31053f67b79c351e3e2eace9f50d4f7966b4b
f90d4da7c1366a3247dd07f3358c9796067ed4c09ee156e21828f1da3f66d2b2
fb12716ba936c501f5e91714039a4c7f232e8a8db582566f3e547878f098896f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd47fc220ea0b9a5923be38fc278321b9be6fbc021749dbe3e292ce7a8cad851
fe66210f716709717dc6446d90abcc731aa5987f705e2b3d4b4fc2ecd9ce9d05

www.istoedinheiro.com.br Open in urlscan Pro 34.149.44.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

432 Requests

91 %HTTPS

36 %IPv6

53 Domains

94 Subdomains

68 IPs

8 Countries

6019 kBTransfer

15170 kBSize

56 Cookies

54 Outgoing links

Redirected requests

432 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.istoedinheiro.com.br Open in urlscan Pro
34.149.44.99 Public Scan

Screenshot
Live screenshot

Full Image

432
Requests

91 %
HTTPS

36 %
IPv6

53
Domains

94
Subdomains

68
IPs

8
Countries

6019 kB
Transfer

15170 kB
Size

56
Cookies

432 HTTP transactions
13 data transactions