financasdeouro.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://linkae.club/instagram/campanha.php?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwOD...
Effective URL:
https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Submission: On December 22 via api (December 22nd 2023, 3:04:07 am UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 36 domains to perform 97 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is financasdeouro.com.
TLS certificate: Issued by GTS CA 1P5 on December 12th 2023. Valid for: 3 months.

This is the only time financasdeouro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3037::ac43:9530	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3035::ac43:b2a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2.16.202.120 2.16.202.120	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	52.50.140.7 52.50.140.7	16509 (AMAZON-02) (AMAZON-02)
1	54.171.165.5 54.171.165.5	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1 1	2600:9000:264... 2600:9000:2644:ee00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:2000:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:8e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::ac43:c917	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3030::ac43:d00b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.120.118.60 3.120.118.60	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:3a00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a04:4e42:400... 2a04:4e42:400::626	54113 (FASTLY) (FASTLY)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:d6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:15e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:9034	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:2e7d	() ()
97	37

2 2606:4700:3037::ac43:9530 (United States)

ASN13335 (CLOUDFLARENET, US)

linkae.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

financasdeouro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b2a4 (United States)

ASN13335 (CLOUDFLARENET, US)

playerhd.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.202.120 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-120.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.140.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-140-7.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.165.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-165-5.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:ee00:9:46dc:4700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:2000:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:c917 (United States)

ASN13335 (CLOUDFLARENET, US)

meusanimesbr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:d00b (United States)

ASN13335 (CLOUDFLARENET, US)

animeshls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.118.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-118-60.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:3a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

anionhls.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:d6a (United States)

ASN13335 (CLOUDFLARENET, US)

anionhls2.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:15e (United States)

ASN13335 (CLOUDFLARENET, US)

anionhls3.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:9034 (United States)

ASN13335 (CLOUDFLARENET, US)

anionhls4.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:2e7d (None, )

ASN- ()

anionhls5.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	demand.supply live.demand.supply — Cisco Umbrella Rank: 57430	38 KB
13	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 43722	275 KB
10	financasdeouro.com 1 redirects financasdeouro.com	79 KB
7	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 3926 api.cmp.inmobi.com — Cisco Umbrella Rank: 12882	216 KB
5	jwpcdn.com ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2994	238 KB
5	animeshls.com animeshls.com	21 KB
4	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 39874	1 KB
3	gstatic.com www.gstatic.com	29 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	2 KB
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 424	682 B
2	anionhls.site anionhls.site	345 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	38 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	164 KB
2	waust.at waust.at — Cisco Umbrella Rank: 43427	14 KB
2	linkae.club linkae.club	2 KB
1	anionhls5.site anionhls5.site	383 KB
1	anionhls4.site anionhls4.site	358 KB
1	anionhls3.site anionhls3.site	337 KB
1	anionhls2.site anionhls2.site	337 KB
1	jwplatform.com content.jwplatform.com — Cisco Umbrella Rank: 4287	41 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	33 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	278 B
1	meusanimesbr.com meusanimesbr.com	4 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1296	1 KB
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 3555	561 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 17707	208 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 45315	859 B
1	cpx.to p.cpx.to — Cisco Umbrella Rank: 10397	4 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1276	9 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 714
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 43720	4 KB
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10999	36 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	51 KB
1	playerhd.me playerhd.me	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	7 KB
97	36

	Domain	Requested by
14	live.demand.supply	financasdeouro.com live.demand.supply
13	ads.themoneytizer.com	financasdeouro.com ads.themoneytizer.com
10	financasdeouro.com	1 redirects linkae.club financasdeouro.com
6	cmp.inmobi.com	financasdeouro.com cmp.quantcast.com cmp.inmobi.com
5	ssl.p.jwpcdn.com	content.jwplatform.com
5	animeshls.com	linkae.club animeshls.com ssl.p.jwpcdn.com
4	c.tmyzer.com	ads.themoneytizer.com
3	www.gstatic.com	content.jwplatform.com www.gstatic.com
3	id5-sync.com	ads.themoneytizer.com financasdeouro.com
3	gum.criteo.com	ads.themoneytizer.com
2	anionhls.site	content.jwplatform.com ssl.p.jwpcdn.com
2	cdnjs.cloudflare.com	linkae.club
2	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
2	waust.at	financasdeouro.com
2	linkae.club	linkae.club
1	anionhls5.site	ssl.p.jwpcdn.com
1	anionhls4.site	ssl.p.jwpcdn.com
1	anionhls3.site	ssl.p.jwpcdn.com
1	anionhls2.site	ssl.p.jwpcdn.com
1	content.jwplatform.com	animeshls.com
1	maxcdn.bootstrapcdn.com	animeshls.com
1	code.jquery.com	animeshls.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	lb.eu-1-id5-sync.com	ads.themoneytizer.com
1	meusanimesbr.com	playerhd.me
1	rules.quantcount.com	secure.quantserve.com
1	cmp.quantcast.com	1 redirects
1	whos.amung.us	waust.at
1	adtrack.adleadevent.com	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	pagead2.googlesyndication.com	linkae.club
1	playerhd.me	financasdeouro.com
1	cdn.jsdelivr.net	financasdeouro.com
97	37

This site contains links to these domains. Also see Links.

Domain
www.google.com
whos.amung.us

Subject Issuer	Validity	Valid
linkae.club GTS CA 1P5	`2023-12-13` - `2024-03-12`	3 months	crt.sh
financasdeouro.com GTS CA 1P5	`2023-12-12` - `2024-03-11`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
1266287590.rsc.cdn77.org R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
c.tmyzer.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
playerhd.me E1	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2023-08-30` - `2024-09-11`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
*.adleadevent.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
meusanimesbr.com GTS CA 1P5	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
animeshls.com E1	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-30` - `2024-09-30`	a year	crt.sh
anionhls.site GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
anionhls2.site GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
anionhls3.site GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh
anionhls4.site GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
anionhls5.site E1	`2023-11-27` - `2024-02-25`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Frame ID: 6B34E257956C7441FD3559F71A2F5001
Requests: 70 HTTP requests in this frame

Frame: https://playerhd.me/embed/play.php?url=STZURUlJcGphVTU1d3lSQ292NSsxVUw3SkVVQ1VqWHoxa3p0ODhaaW9TNU13bUpzN0V6Mm1ZaU55Q3VuQVpwNjBGaXBHUjNqa1RnM1ZlcEpmSjlZbmxGZnhzQTIwcEp5T1J0cU1BQnZnVVhPNTdPbUNDT2NGd0JIaWVpbjVOT0c=
Frame ID: C5DAC48E6AFB74157D6B79FDC1B4B4FE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1703214241963
Frame ID: 949380D94929912037A87604B00FA979
Requests: 1 HTTP requests in this frame

Frame: https://meusanimesbr.com/watch/?hash=538559a7fbf9816979a2ea7793691a16&season=2&num=22&target=2
Frame ID: 6C17A54C26211C65526A1E3353EA44D9
Requests: 3 HTTP requests in this frame

Frame: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
Frame ID: 584823A5CFE405A045B41FF88FC82A7D
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Construção tem maior desempenho desde 2010

Page URL History Show full URLs

https://linkae.club/instagram/campanha.php?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TX... Page URL
https://linkae.club/facebook/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28... Page URL
https://financasdeouro.com/facebook-ads/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk... Page URL
https://financasdeouro.com/social.php?src=https://financasdeouro.com/?redirect_to=random Page URL
https://financasdeouro.com/?redirect_to=random HTTP 307
https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

97
Requests

98 %
HTTPS

76 %
IPv6

36
Domains

37
Subdomains

37
IPs

5
Countries

3082 kB
Transfer

7054 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/url?sa=t&esrc=s&source=web&q=&sa=D&ved=2ahUKEwjv9a-U7qroAhW7IrkGHVITC1sQFjACegQICBAB&usg=AOvVaw0eC1I9nGsLHFemPrTtLMkn
Title: VOLTAR PARA A PAGINA

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/ta4b69d56n/
Title: 151

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://linkae.club/instagram/campanha.php?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ== Page URL
https://linkae.club/facebook/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==&origin=&site= Page URL
https://financasdeouro.com/facebook-ads/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==&origin=&site= Page URL
https://financasdeouro.com/social.php?src=https://financasdeouro.com/?redirect_to=random Page URL
https://financasdeouro.com/?redirect_to=random HTTP 307
https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP 301
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2

97 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 campanha.php
linkae.club/instagram/ 1 KB
1 KB 417ms
301ms Document
text/html 2606:4700:3037::ac43:9530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkae.club/instagram/campanha.php?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 839522863d732c65-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 03:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1wbyR6zlY%2BS2RdRRbeo0gVHju4GqnKjuVLvD5v20BmO7B0LJcF%2BN9YuIrGAc9FFGNfw0Na21rKKBOzcr6b7IgPij7qW8u6%2Fh4sdcdOjX7HSb8cgmXM4ImX3UHg8cyyVNESUTVNRoTOG2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 /
linkae.club/facebook/ 1 KB
843 B 135ms
134ms Document
text/html 2606:4700:3037::ac43:9530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkae.club/facebook/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==&origin=&site=
Requested by: Host: linkae.club
URL: https://linkae.club/instagram/campanha.php?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://linkae.club/instagram/campanha.php?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 839522888f412c65-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 03:04:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgTLK1w4VVNkPFI1DF0%2BMCkvvhjFjOLzzV0Q%2BgoLLwT17zDarm%2BqXHIdZ4jeNVHIbJpNL6iHVFQQ8xji63AuddGBT2P1G272DF9pI5BlCgxRIW%2BsSJuw9p1kWuHhCPibWVcJyqjF5MGYoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 /
financasdeouro.com/facebook-ads/ 330 B
810 B 449ms
168ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/facebook-ads/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==&origin=&site=
Requested by: Host: linkae.club
URL: https://linkae.club/facebook/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==&origin=&site=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://linkae.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8395228bfbca9c6a-IAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 03:04:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYkqBO%2BY6Z46TQpJPg00nPPKwAU%2FVgrtnRImBlHKd%2FQv1E19yyq7g1MbvT%2FoPlncPhLhp8jilkgQ1J9lfE9mW2An9g%2BVcUQflQZf5Ib2nyquCNGG%2BooXvfZRqE7U6m4IhQ367a%2FJHPeFuK3RMXEqU3Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 social.php
financasdeouro.com/ 286 B
475 B 140ms
140ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/social.php?src=https://financasdeouro.com/?redirect_to=random
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/facebook-ads/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==&origin=&site=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://financasdeouro.com/facebook-ads/?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==&origin=&site=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8395228d0d489c6a-IAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 03:04:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkbDIG612Kx3WW1AWFvwgZMyznroSszO6huDx%2F%2B%2FoZCvLr2dsVY9CFynvxzb2VGD0DLOd0c70DcHufXGkj46j5rCMG0ZoRj9Jf2jrqR3lVcCxAQRQQyRqr1B6gQT10BDcJN3xPotQ3enFZJ7vkzFNmo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2

200

Primary Request / Show response
financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Redirect Chain

https://financasdeouro.com/?redirect_to=random
https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/

100 KB
18 KB

218ms
218ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/social.php?src=https://financasdeouro.com/?redirect_to=random
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd00a6c843fa8c9388bfe827d73c0de2aa6dabbbc62bc5db30a3ad8c7986cea

Request headers

Referer: https://financasdeouro.com/social.php?src=https://financasdeouro.com/?redirect_to=random
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8395228f582b9c6a-IAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 03:04:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://financasdeouro.com/wp-json/>; rel="https://api.w.org/" <https://financasdeouro.com/wp-json/wp/v2/posts/33>; rel="alternate"; type="application/json" <https://financasdeouro.com/?p=33>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xTwPh0UZts2Or7kqxzBlbO6UXSHs9d7t99gKyGTXmi9cv8jmVl5tIg7QoYX7EMCYUI2W6n%2Bz8kw8bIPzdJ9WghmRmrAEHCkocLP9d0GCbg9Ml9OFXvaTqptse1%2B1lLg5MHycmZjTZ%2FFbsdeU6%2FTFjs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-pingback: https://financasdeouro.com/xmlrpc.php
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8395228dfe5c9c6a-IAD
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 03:04:01 GMT
location: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtZTdBBHvsBAGzCqmYyfnNwC5YLTHAKY22moHSO6a6V8vYxyxT00RF%2Bj1sEGY4cWeNWdAUi%2Ft9W%2BewLACFDQ%2Bzt5GPnQ%2F4Js2CEn35x0xZSWI072bqentkUVXqCBlO%2FzF6geV5ZAZ8x2hQfvDirNSao%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-turbo-charged-by: LiteSpeed

GET
H3 200 style.css
financasdeouro.com/bitch/css/ 3 KB
1 KB 189ms
189ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/bitch/css/style.css?v=2.0.39
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d08d3d3319bf929a2e38810f8981203ae3ddaa55438bd05a29731f390ba19ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Oct 2023 01:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26715
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqJW1RWUZ8%2FCAqvPoncYP004Ws3QJzRjjPdDMwfjUmMgQ3XlbZ25We0EaIAl1SRPlroyFtZMOcviLJ8qgGZi8zE6%2FQoT45uOoW%2F9M80GPj2AwckxRLAwsQKiLK8hGvLQlyY9sQJb0KSmlJ0X9KxnCyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83952290f90716a2-SJC
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Dec 2023 19:38:46 GMT

GET
H3 200 jquery.js Show response
financasdeouro.com/bitch/js/ 94 KB
34 KB 193ms
193ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/bitch/js/jquery.js?v=2.0.39
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af2419dd15e09ea913cfe94d130f9870486732e57764e0f02ea3846f204146ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 07:43:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26715
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sit3Cu%2BgQb%2FuTsZSUHx%2BnU%2BBqObbBhTNjDsneEIHVYkad4fhc6o3QK0QEYaheuSgBQjULi7wv9JNjk%2F3gc01pgYIqip3bveNaQev%2BQ5VMnyScnrDWjTwyJCQt71t3axaAZV%2BvrztFeB8jXNRllwyPr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83952290f90916a2-SJC
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Dec 2023 19:38:46 GMT

GET
H3 200 funcs.js Show response
financasdeouro.com/bitch/js/ 4 KB
2 KB 548ms
545ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/bitch/js/funcs.js?v=2.0.39
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b140d686a6c1e8d941cb2400e1144911dc61ecceab5bc6fe54d17275221888c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Oct 2023 01:59:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26715
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBZETq8d5%2BmvYT%2BwR5DbF%2BExq1acXQXy%2F0qsiiJKA1j8iPHjqxKQFikwPUnCeGVHDtSyyvaMw0ZUNjuOaE%2Bw0XkvQMVYxwm7rk9xfI1gDSQJvqKYLJECCItR%2Bxs4GF%2B0VXlbgEdsBTCdiEXOwGhHp24%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83952290f90d16a2-SJC
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Dec 2023 19:38:46 GMT

GET
H3 200 block.js Show response
financasdeouro.com/bitch/js/ 41 KB
10 KB 551ms
549ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/bitch/js/block.js?v=2.0.39
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb113e9d0d4ea66e333441e211ac6835f3d4429534c048a6277cb58731fd32b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 22:01:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26715
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1qpywDxf52ew44sKjPGdb8Givy0drVkOerzxtYfRhI%2BcdbnvQGSU%2BDP%2Fz268dwZvwiFYGbClSA0JcfNRlip4znZ%2FcPDFSxrP0kS66creqN%2FOU9X8ujrXxZfiiRItAxk%2FXO4bloffMEuLI7B1rMAYlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83952290f90e16a2-SJC
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Dec 2023 19:38:46 GMT

GET
H3 200 themoney.js Show response
financasdeouro.com/bitch/js/ 4 KB
2 KB 187ms
186ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/bitch/js/themoney.js?v=2.0.39
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 146f0dabd339716f2f0cc2d54fc8ab2ca317f6f3216cb9cb83111e3d3e26db68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 08:11:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26714
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaAQzFBJEEMkdAjSTTIUr3w3WyTcp%2B2qy7290OFkEiQDf2Ho%2F8jHJ%2FCLbB7AMp2eWr9U%2Fzdh6KNFK0W26veEEGwEdqlaUO%2FqMBypt2ZhO6EzEitf6i5dV0%2F0SKZO8SIAwGp6mpe3HXCV5dY9iXZ6Nh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 839522947c9e16a2-SJC
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Dec 2023 19:38:47 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 284ms
181ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53bc1f5f6d88ee88553a200df4f0c3600131d86615eedda8897e20360b95e77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-nf-request-id: 01HJ590FFQG6EV7MSKCS598DB0
date: Fri, 22 Dec 2023 03:04:01 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 122
cf-polished: origSize=4807
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"38665c79490d50efad10a7c0bcca18c6-ssl-df"
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 839522912a3090dd-FRA
link: <https://live.demand.supply/impl.v17.25.3.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/ZmluYW5jYXNkZW91cm8uY29tLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 disable-devtool Show response
cdn.jsdelivr.net/npm/ 17 KB
7 KB 133ms
48ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/disable-devtool

Requested by

Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e3619d1436377e6f493faf900b862c3ad1fdda5cdfc9e988a624ef4aa50fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 22 Dec 2023 03:04:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4680
x-jsd-version: 0.3.6
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"429d-aUybg/2V7poZoWQBz5K4dcexnYI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfX979L5DSm7q4Bf4%2B38j373fc7zvPgWvCYwfed2Nyy0i4s5b8Im%2BBu9MIuHkULdhGBoynV64zIC%2BijPQ8bDkGe3eZhVq%2Bq%2FFCRIS6TUN4IOqMa2fGreyaVjC4jIvWWoQ2Eeer%2FRJ1vb6Sh0FFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 839522910b18383d-FRA

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 168ms
47ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-77-nzt: EgwB1GY4tAH3wTMBAAwB1GY4EQH3FwAAAA
x-accel-expires: @1703740233
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78808
x-cache-lb: HIT
server: CDN77-Turbo
x-age-lb: 78785
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc8465679cf11c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703135456

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 199ms
79ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=28
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4706038b3307c77004d5ff8197cabfebef891fd04ef9c9d94cb2d50493666fcb

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-77-nzt: EggB1GY4tAFBDAHUZjgBAfdaMQEA
x-accel-expires: @1703740871
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78170
x-cache-lb: MISS
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc84657321f61c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703136071

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 169ms
49ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=19
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-77-nzt: EgwB1GY4tAH3wDMBAAwBJRPCMQH3GQAAAA
x-accel-expires: @1703740232
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78809
x-cache-lb: HIT
server: CDN77-Turbo
x-age-lb: 78784
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc8465c794f81c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703135457

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 173ms
53ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=19
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0c2b81d230ad18d607718457c19b4acedfdb18b2dc84f3f04a51ff8e4cf22a74

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-77-nzt: EggB1GY4tAFBDAElE8IxAfdaMQEA
x-accel-expires: @1703740871
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78170
x-cache-lb: MISS
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc84654a77e61c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703136071

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 164ms
44ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-77-nzt: EgwB1GY4tAH3xDMBAAwB1GY4nAH3FgAAAA
x-accel-expires: @1703740231
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78810
x-cache-lb: HIT
server: CDN77-Turbo
x-age-lb: 78788
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc8465c2d8e81c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703135453

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 172ms
53ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=2
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eeb9313c82b0f1390a33cd1b7f724ae5c645d90be84309da2dceaed7dc9a08ec

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-77-nzt: EggB1GY4tAFBDAElE8I0AfdaMQEA
x-accel-expires: @1703740871
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78170
x-cache-lb: MISS
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc8465a431e31c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703136071

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 172ms
52ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=31
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-77-nzt: EgwB1GY4tAH3wjMBAAwBJRPCNAH3FwAAAA
x-accel-expires: @1703740232
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78809
x-cache-lb: HIT
server: CDN77-Turbo
x-age-lb: 78786
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc846558b9fd1c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703135455

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 198ms
78ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=31
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c6c9ec4aa1d803fc61ea4a972c364f01d79b0fd94c56404973ed49f50dbc2c4c

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-77-nzt: EggB1GY4tAFBDAElE8IuAfdaMQEA
x-accel-expires: @1703740871
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78170
x-cache-lb: MISS
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc8465c2c5fb1c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703136071

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 149ms
47ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3194
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 17:19:21 GMT
server: cloudflare
etag: W/"63c04119-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y54ddnm3Po0oE4%2Ft3DyOsm63EvuQ%2FEHsNsJOZf7F%2BRwi%2FhtyaEt9qTe8RsgJ9wbkFi%2FsosYkfcL4V05WefxCO2rMLirvp4IQdMKUNixrs0faF%2FvryxdZbtdlpAjBgXfAWsx43CEl"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 83952294a8851a49-FRA
expires: Sat, 23 Dec 2023 02:10:48 GMT

GET
H2 200 impl.v17.25.3.js Show response
live.demand.supply/ 88 KB
29 KB 125ms
124ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.25.3.js

Requested by

Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e80ccbe6fe88155e3bdff0b3860a79185986ccc01e184b511dbd71d78984650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HHMB5M6VR796DJ5TDG5A1MWG
date: Fri, 22 Dec 2023 03:04:01 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 650641
cf-polished: origSize=90268
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"be287328393ceb6ed6a54fab7371dec0-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 839522924aa690dd-FRA

GET
H2 200 ZmluYW5jYXNkZW91cm8uY29tLw== Show response
live.demand.supply/p4/v17-24-0/ 991 B
617 B 362ms
362ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/ZmluYW5jYXNkZW91cm8uY29tLw==
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8397b431450eb5b60d80f4ee40bc8ef56c4affea0214b7e5d4ba4a45618ed022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 839522924aa890dd-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 178ms
54ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=97290&f=28&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
server: nginx
x-iplb-request-id: 50FF0768:A9AA_36264064:01BB_6584FCA1_1AAFE706:0BB8
x-iplb-instance: 58123
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 125 KB
17 KB 62ms
62ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=28
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=28
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 588a3e6c2e3231f662bed4d69dc2a0359a0e33f37c5fb73ac1b52c6b9f34b30b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt: EggB1GY4tAFBDAHUZjiZAfcTMQEA
x-accel-expires: @1703740942
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78099
x-cache-lb: MISS
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc8465f1cdef36
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703136142

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 183ms
55ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=97290&f=19&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
server: nginx
x-iplb-request-id: 50FF0768:A9B0_36264064:01BB_6584FCA1_163FDFB6:71C4
x-iplb-instance: 57880
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 124 KB
17 KB 50ms
50ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e7696f4025ec44b235203d98053e14776de89e9ae9bd16d1afdeba433fc0f421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt: EggB1GY4tAFBDAElE8I0AfcTMQEA
x-accel-expires: @1703740942
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78099
x-cache-lb: MISS
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc84657189f236
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703136142

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 187ms
55ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=97290&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
server: nginx
x-iplb-request-id: 50FF0768:A9AE_36264064:01BB_6584FCA1_1644ABE7:3264
x-iplb-instance: 58097
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 124 KB
17 KB 84ms
84ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=2
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 93227ef1f3ff3e07bb5e719de8845f1e53e776f7fa24e55fbd7acd802984a44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt: EggB1GY4tAFBDAHUZjgRAfcTMQEA
x-accel-expires: @1703740942
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78099
x-cache-lb: MISS
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc84658bccf436
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703136142

GET
H2 200 play.php Show response
playerhd.me/embed/ Frame C5DA 26 KB
4 KB 326ms
212ms Document
text/html 2606:4700:3035::ac43:b2a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://playerhd.me/embed/play.php?url=STZURUlJcGphVTU1d3lSQ292NSsxVUw3SkVVQ1VqWHoxa3p0ODhaaW9TNU13bUpzN0V6Mm1ZaU55Q3VuQVpwNjBGaXBHUjNqa1RnM1ZlcEpmSjlZbmxGZnhzQTIwcEp5T1J0cU1BQnZnVVhPNTdPbUNDT2NGd0JIaWVpbjVOT0c=
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b2a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc6b22eaf1cdef54bcc82d8464a9fe50c6441aa347519d6935bd78a718d32755

Request headers

Referer: https://financasdeouro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83952294bdc592a1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 03:04:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXtiFng444%2FNlYgMr29tq5uqpWcySqRJGIGlHaMdm%2FWvs063eoBQG%2FkDtrhSmTd9mUcog3ia%2FEs5829rodQHmbBrkiMD8Y4AGlcNpdxQvXSItGnFtQ58gQ8uJVxWcT0H%2BZ8XxGrHjGbn9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 186ms
54ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=97290&f=31&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
server: nginx
x-iplb-request-id: 50FF0768:A9AC_36264064:01BB_6584FCA1_1AAFE708:0BB8
x-iplb-instance: 58123
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 124 KB
17 KB 93ms
93ms Script
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=31
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8b3de74ce10d81cbf818a79d3e9540bfdc8281e62d118de5553fd98c042de114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt: EggB1GY4tAFBDAHUZjgRAfcTMQEA
x-accel-expires: @1703740942
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-77-age: 78099
x-cache-lb: MISS
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: 6d204d1190923857a1fc8465b8261337
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1703136142

GET
DATA 200
OK truncated Show response
/ 354 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ed7262dc37e0537a508b3daa2fc9511a00f18d9d0a5efd31c30eacc2c2eb867

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 142ms
45ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3194
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 17:19:21 GMT
server: cloudflare
etag: W/"63c04119-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPXqQauQaOASmPpBLyUjmcwKbjGqlnDcxeXCkedOWcFaohY7OFhExnd%2FYeau%2FI6VdgmCnlIUuu20chy3apEpwjLilhuHK0%2FDXyMZDzwG9YWPlWeSXY5psGR0ymxKhAh8nND5DCws"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 83952294a8861a49-FRA
expires: Sat, 23 Dec 2023 02:10:48 GMT

GET
H3 200 Geometric-400.woff2
financasdeouro.com/bitch/fonts/ 9 KB
10 KB 188ms
188ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://financasdeouro.com/bitch/fonts/Geometric-400.woff2
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/bitch/css/style.css?v=2.0.39
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22abe317cc981f93a112f94a7bdd19ee68a2c436c4e2c6d242a7732849673cc3

Request headers

Referer: https://financasdeouro.com/bitch/css/style.css?v=2.0.39
Origin: https://financasdeouro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113565
alt-svc: h3=":443"; ma=86400
content-length: 9720
last-modified: Thu, 04 May 2023 07:48:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtbOHsHtJYCmrz%2FeQ1FFM366pwqIB7IYwmbruAzp%2BD8fVP%2F3WZdipCzDuzmG0%2B7XUtRfGbV3pz0SEG8Y1NVzWKgO3vO%2FO39Q82L04pu2nZGrS5icWUjBCp0HR%2B3759K2j%2F9zdLq09NPJ%2F%2FPpDE83IEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 839522947cb416a2-SJC
expires: Wed, 27 Dec 2023 19:31:17 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 167ms
123ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=285&cs=c&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HGAV9FETNR6K9A1SK2R43707
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 73168
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 83952294593a9974-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 194ms
100ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd687a622f1b98c07951da92b18d142e9fa6baa4ba978c0c9f899d7d61b0f734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29504
x-xss-protection: 0
server: cafe
etag: 534 / 19713 / 31080056 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 03:04:02 GMT

GET
H3 200 ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8= Show response
live.demand.supply/p4/v17-24-0/ 1 KB
852 B 158ms
157ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d9d5e9a931d0a6e25f7d5cde6aa9b3ab5b0ac4e6f218f999f1c19e02396d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 839522941c694dac-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
610 B 165ms
122ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HJ3M6GRXJZ8MVNAT5HKDJZZ3
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 83952294593b9974-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 187ms
98ms Fetch
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: linkae.club
URL: https://linkae.club/instagram/campanha.php?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25d6adbfc7ba027f901092b7b0fe0ea6622309348573ccc196430f0e049df72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51293
x-xss-protection: 0
server: cafe
etag: 17929616114829896400
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 03:04:02 GMT

GET
H3 200 financasdeouro.com_fluid_lb Show response
live.demand.supply/cp/ 29 B
369 B 301ms
270ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/financasdeouro.com_fluid_lb?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea2c092659963d3f030a5735495274a0ba0a9bccfcc6124e900498bf91b02331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 83952294593d9974-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 financasdeouro.com_fluid_lb Show response
live.demand.supply/cp/ 29 B
371 B 291ms
261ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/financasdeouro.com_fluid_lb?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea2c092659963d3f030a5735495274a0ba0a9bccfcc6124e900498bf91b02331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8395229459399974-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
516 B 87ms
57ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HGD0F4A6EY416D1QB3J2PNFC
date: Fri, 22 Dec 2023 03:04:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 119804
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "54863d6286da298ff963ed522a1a229b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 83952294593c9974-FRA

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 108 KB
36 KB 154ms
43ms Script
application/javascript 2.16.202.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39109b62bfd99a39e5105acb335eb7b72c1fb63bf6427d7fa8d0b4dea09556ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 03:04:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 36437
Expires: Fri, 22 Dec 2023 05:04:02 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
306 B 138ms
45ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 373899
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 4 KB
4 KB 206ms
54ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
last-modified: Wed, 06 Dec 2023 10:36:33 GMT
server: nginx/1.20.1
x-iplb-request-id: 50FF0768:C854_91EFC0A6:01BB_6584FCA2_213BE881:10B0
etag: "65704eb1-f36"
x-iplb-instance: 54208
content-type: application/javascript
accept-ranges: bytes
content-length: 3894

GET
H2 204 /
onetag-sys.com/usync/ Frame 9493 0
0 128ms
39ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1703214241963

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://financasdeouro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 191ms
41ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 29 Dec 2023 03:04:02 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12762/ 4 KB
4 KB 200ms
56ms Script
application/javascript 52.50.140.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12762/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.140.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-140-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 33a654617feb0bffafaae3b90f6ad3ba447ca41140b578cebcc3be1524df824a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
cache-control: public, max-age=2419200
content-length: 4396
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK mailNotification.php Show response
adtrack.adleadevent.com/ 0
859 B 286ms
56ms Script
application/x-javascript 54.171.165.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.165.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-165-5.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 03:04:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Dec 2023 03:04:02 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid8_17/build/dist/ 591 KB
192 KB 48ms
48ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=97290&formatId=19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0d1928272ce64ded948989f19e4c84706e60771eae4c6b404cf50ec38a767308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 22 Dec 2023 03:04:01 GMT
content-encoding: gzip
x-age-lb: 78782
x-77-cache: HIT
x-accel-date: 1703135459
x-77-nzt: EgwB1GY4tAH3vjMBAAwBJRPCKAH3HAAAAA
pragma: public
x-accel-expires: @1703221831
x-cache-lb: HIT
x-77-age: 78810
last-modified: Mon, 30 Oct 2023 21:04:41 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6d204d1190923857a1fc8465069b7d3a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 22 Dec 2023 05:10:31 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
208 B 342ms
242ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=ta4b69d56n&t=Constru%C3%A7%C3%A3o%20tem%20maior%20desempenho%20desde%202010&c=d&x=https%3A%2F%2Ffinancasdeouro.com%2Fconstrucao-tem-maior-desempenho-desde-2010%2F&y=https%3A%2F%2Ffinancasdeouro.com%2Fsocial.php%3Fsrc%3Dhttps%3A%2F%2Ffinancasdeouro.com%2F%3Fredirect_to%3Drandom&a=0&v=27&r=4108
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b0c3910204441d636d32e3fbbecbec938f8450b1aadd1ddcfdcee8d525a0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83952295ac2abc01-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 136ms
45ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffinancasdeouro.com%2F&domain=financasdeouro.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://financasdeouro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://financasdeouro.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 22 Dec 2023 03:04:01 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 242183
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
376 B 45ms
44ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffinancasdeouro.com%2F&domain=financasdeouro.com&cw=1&lsw=1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 03:04:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://financasdeouro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 263785
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 134 B
418 B 147ms
40ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://financasdeouro.com
date: Fri, 22 Dec 2023 03:04:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
Redirect Chain

https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2

3 KB
2 KB

165ms
41ms

Script
application/javascript

2600:9000:214f:2000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Requested by: Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/
Protocol: H2
Server: 2600:9000:214f:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c71b9f860fe9bac0f75a98fcb50dc1c4f77e59201ef22001131d3a1adc20fcb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: br
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified: Wed, 22 Nov 2023 13:52:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 2
x-amz-server-side-encryption: AES256
etag: W/"ec43dec37a4eaf8ca7b754d3aee53c47"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jCtUR4ZiDc5WoAHzNhUPjWb0fsrARLjuhrESHUDcacg6R-MxkPL6JA==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
date: Fri, 22 Dec 2023 03:03:14 GMT
via: 1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 20:03:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 49
etag: "408e9e32ff11d19e90e67eb67eb171dc"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
location: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
content-length: 0
x-amz-cf-id: YUqPFZuyx4y5py9bnv6XYoHJrFeS50l-XVlDTQldLKuOlcP2SNCH2w==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2704
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Dec 2024 02:18:58 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 139ms
39ms Script
application/javascript 2600:9000:223c:8e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:40:58 GMT
content-encoding: gzip
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1389
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 7Nz-N7X4JKJ1ew1Nvm_8iJu0VkV-54tPKV9u745JDzPlPV90SdKG3g==

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 126ms
126ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=financasdeouro.com_fluid_lb&pdc=0.5496092796325683&ucv=null&e=tcp&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HGAV9FETNR6K9A1SK2R43707
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 73168
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 83952295f9d69974-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 44ms
44ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=da&r=financasdeouro.com_fluid_lb&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HGD0F4A6EY416D1QB3J2PNFC
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 119805
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "54863d6286da298ff963ed522a1a229b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 83952295f9d79974-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 46ms
46ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=financasdeouro.com_fluid_lb&pdc=0.5496092796325683&ucv=null&e=tcp&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HGAV9FETNR6K9A1SK2R43707
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 73168
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8395229609df9974-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 119ms
119ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=da&r=financasdeouro.com_fluid_lb&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HGD0F4A6EY416D1QB3J2PNFC
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 119805
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "54863d6286da298ff963ed522a1a229b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8395229609e09974-FRA

GET
H2 200 / Show response
meusanimesbr.com/watch/ Frame 6C17 24 KB
4 KB 350ms
211ms Document
text/html 2606:4700:3033::ac43:c917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meusanimesbr.com/watch/?hash=538559a7fbf9816979a2ea7793691a16&season=2&num=22&target=2
Requested by: Host: playerhd.me
URL: https://playerhd.me/embed/play.php?url=STZURUlJcGphVTU1d3lSQ292NSsxVUw3SkVVQ1VqWHoxa3p0ODhaaW9TNU13bUpzN0V6Mm1ZaU55Q3VuQVpwNjBGaXBHUjNqa1RnM1ZlcEpmSjlZbmxGZnhzQTIwcEp5T1J0cU1BQnZnVVhPNTdPbUNDT2NGd0JIaWVpbjVOT0c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 404ea20311ec76016cd3e0ea556fdef25cba45f5144ddd7ea3fe9217793a87e6

Request headers

Referer: https://playerhd.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83952296f9095d42-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 03:04:02 GMT
link: <https://meusanimesbr.com/wp-json/>; rel="https://api.w.org/" <https://meusanimesbr.com/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json" <https://meusanimesbr.com/?p=10>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qMygYPk8le%2BzXTykqch6Rs7zJiSZ98uDOyGFbC7HIoq3BnLm2G%2Bmzae7yAZKeG90xHQ6iEukc0MJoXJ8BG4YpFPlx76EaJYvCtuU5OEODeJpeorRDXa5Edmv%2BlKVNJAIIWONdban2MlNv9%2FTAyU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
278 B 135ms
40ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

173e28fa91944dfb834acd6a2416dd85a7b2e825fb99a7e7565ee98c76f1f2bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://financasdeouro.com
date: Fri, 22 Dec 2023 03:04:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 117ms
117ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=financasdeouro.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=ZmluYW5jYXNkZW91cm8uY29tL2NvbnN0cnVjYW8tdGVtLW1haW9yLWRlc2VtcGVuaG8tZGVzZGUtMjAxMC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id: 01HGAV9FETNR6K9A1SK2R43707
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 73168
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 839522968a0d9974-FRA

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 12.json Show response
id5-sync.com/g/v2/ 251 B
535 B 120ms
40ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

f9e586f9a00225cdd1979821527ae4960ee7c7b3b33e0f99aa195ff4f0a55e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://financasdeouro.com
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
44 KB 46ms
46ms Script
text/javascript 2600:9000:214f:2000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:17:02 GMT
content-encoding: gzip
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3433
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 06 Dec 2023 23:27:11 GMT
server: AmazonS3
etag: W/"50f82c7ed55d2acc412a5ede5e7b40f6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: UUSiVQ3n5JvgP9eundTTAY4gY25CQk_J2PG_n950fZvEnJRoTwOpOw==

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 12 KB
3 KB 122ms
40ms XHR
application/json 2600:9000:214f:2000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1eed86a7280da4a75506d5d2bd1a672f280f8865070d472c5c60fc8f1dcb6d5

Request headers

Accept: application/json, text/plain, */*
Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:00:44 GMT
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 199
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 03:00:42 GMT
server: AmazonS3
etag: W/"ba2fbb4ab4cfc38862cff823ce2773e8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ggfD7-qxhH8SefxjbC7VkpQGq9W-kFjzzEX6mVGvZWBiofbZ6N1DUw==

GET
H2 200 sweetalert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.0/ Frame 6C17 40 KB
11 KB 131ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.0/sweetalert.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meusanimesbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3449083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10495
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-9f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdkeiT4X0Q5UshiUJ9cGqke%2B2vcKiVFg2Oe2%2FozWaQgcAznXL1B6KIlrnbyesJmINk65XG6vJddV%2Fwoo%2Bjzx1OC7LYk1pSK7tGlywV1OAcGGl%2Fgyw95y%2FWSOAhOzAO22KDfGBEl88iN0cmb2nLQcE%2Fgl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83952298fd3e3835-FRA
expires: Wed, 11 Dec 2024 03:04:02 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 6C17 85 KB
27 KB 128ms
45ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meusanimesbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1150455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8UssHFOj4f9QMnYXJ%2Fau1LVClqfxb4ho4WT0PFsuOr2yLU%2F7CJXfvJ9zEG27HG13fczqnBN1%2BO48%2FtvdNXc4rMuw6pCK58%2Bi0m%2FT2TESv5iz2hvwa4z65cHbe9hQcJhPU5eVID1rySgAdO7uZ9a0p54"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83952298fd3f3835-FRA
expires: Wed, 11 Dec 2024 03:04:02 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/50/ 279 KB
73 KB 45ms
44ms Script
text/javascript 2600:9000:214f:2000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:12:10 GMT
content-encoding: gzip
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 137921
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Wed, 06 Dec 2023 23:27:04 GMT
server: AmazonS3
etag: W/"1140e593a3bca4a411e76bddf0dcac5d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: 9msrcLMnXOBgB2lsjP58xX2XpZHdNoh5VwTXSqGdopubUjMMNU9dDQ==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 553 KB
61 KB 47ms
47ms XHR
application/json 2600:9000:214f:2000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e6c675aa9c713e4a3eab66100ef0c9f634247939591ecd080305adbd914923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:59:24 GMT
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 11078
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 23:59:20 GMT
server: AmazonS3
etag: W/"df36cfe1c3a1a5f3e3296378d4651485"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ZWNdk4J2nezm6hqfA8JPSbErQztZIjXqCiTTMzYf_NsNcHWPZuEr-Q==

GET
H2 200 9.gif
id5-sync.com/i/12/ 43 B
920 B 40ms
40ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=

Requested by

Host: financasdeouro.com
URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://financasdeouro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 22 Dec 2023 03:04:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 97ms
97ms XHR
application/json 2600:9000:214f:2000:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd500dc338e9ea802f0122e9b5586953327acb1a431dacc95010011e55e935de

Request headers

Accept: application/json, text/plain, */*
Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:00:26 GMT
content-encoding: br
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 03:00:24 GMT
server: AmazonS3
etag: W/"218b11c379118f06891bfb95c7aa4503"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 8Edrgt9KaSBICV10uPqDmjCyr3hZu-_7uDB252Wu9C74T295qsHhtg==

GET
H2 200 index.php Show response
animeshls.com/player/ Frame 5848 76 KB
12 KB 681ms
398ms Document
text/html 2606:4700:3030::ac43:d00b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
Requested by: Host: linkae.club
URL: https://linkae.club/instagram/campanha.php?id=alZMRVpGQUpoNXhSMWtqV0V3RlJFbmhKd3IzOUswMjMwdUp4TXlWYXYybkk3V28xWFMwODBGZVlYUDlGajQ2dmhBSHNXRmFuUVNMcHU0cnN4dDNZMjNSOFdicGtjeUZKSms4cENBeW03dmpKc2xEOFZUNk1rVnlzcVhnVHFZZkhTUFY3Tm9Udm5XcWE5V3FNWExSbE9HTDd0QnR0dS85YzVwMWRVMUlHRFRieTBvMkpsYzVVUnVycVFrdm0zU2tlRFNyUW5OSGVrbkJSZnZ5alQyZzFWdEEzWE5hQ0drZCtwRkZzTklNdVZJdkNhN3NsSFNNR3oySkEzUDJsRlNpcTJJN01KTGtxVUJzbDlxWGRZbjNqd0E9PQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d00b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a900cdf5c7e8e480df906ac14a672e46a5b0a9537a4fa50655554c6554b95ff

Request headers

Referer: https://meusanimesbr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8395229b69a08000-IAD
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 03:04:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYUPi783FR%2BYoZMwqnfrypDsmYFCdQRsckSRyYpa8ZVc0%2B2LtBBxh6oxagEnT2OSDRByiP35B9FcbhdVBibLlDazw1gUoLJACnrQNznXP2kLe9qItuulgF2BKbpvvsVLEhZL0LQa0niN%2Bv9D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 245ms
40ms XHR
text/plain 3.120.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22financasdeouro.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22JdpIh1wN33NiXwc3%2Fem6FQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1703214242793%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-x83vukzvu6xq71x5zj53%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.120.118.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-118-60.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://financasdeouro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 03:04:03 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ Frame 5848 95 KB
33 KB 194ms
56ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: animeshls.com
URL: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:03 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 8413636
x-cache: HIT, HIT
content-length: 33738
x-served-by: cache-lga21956-LGA, cache-sof1510039-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1703214244.765867,VS0,VE0
etag: W/"28feccc0-17b8b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 206, 357934

GET
H2 200 scripts.php Show response
animeshls.com/player/ Frame 5848 7 KB
3 KB 275ms
266ms Script
application/javascript 2606:4700:3030::ac43:d00b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animeshls.com/player/scripts.php?v=3
Requested by: Host: animeshls.com
URL: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d00b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5aa8bd6ad27bfa57b58f22fe6a4eceb6aa79eb0a07eaeef2758903ecc54f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmDgr0R0zmuXzMw5aIXxQwS1K2AbovFTNGvsVyI9hU%2BXIWENWWe0%2FL1lqi%2BunhMzs1XJ9TKgTJSa3zYT9EIIWPgqeHxDR3jJT9djYRxBcLsXiPPBtaIBvPlxAtGMFeXKJLjau9%2Ff7%2BZnhnD6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8395229efd758000-IAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/latest/css/ Frame 5848 30 KB
7 KB 141ms
47ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css

Requested by

Host: animeshls.com
URL: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 4409458
cdn-cachedat: 2021-06-08 14:00:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bfcbb4a28133a52cdff11100ba633437
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 8395229f4dcc30d0-FRA
cdn-requestpullsuccess: True

GET
H3 200 close.png
animeshls.com/player/assets/subtitlemanager/ Frame 5848 1 KB
2 KB 130ms
130ms Image
image/png 2606:4700:3030::ac43:d00b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animeshls.com/player/assets/subtitlemanager/close.png
Requested by: Host: animeshls.com
URL: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d00b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d673b737e482cc8f5ae9957691be3bf9d9857d6223492278de1b745f5ba49b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:03 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 21 Oct 2020 12:07:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f902464-40f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNNr8eFs8mbdiBW7i0Z8wW0LuY3D4Et7puD8o455OY3Yg%2Ff7cADIVQhQGOoq8Wsl%2FprK%2FqBgHY8hfiktbXRTV502ry7fs30Zyerstbx%2ByQ%2BRLaWWLP5XNTC5m%2F9%2FXScTeDVIOL%2FuinwjwdQn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8395229ffeb79c0a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1039

GET
H2 200 hDZaZjnc.js Show response
content.jwplatform.com/libraries/ Frame 5848 109 KB
41 KB 158ms
45ms Script
text/javascript 2600:9000:225e:3a00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/hDZaZjnc.js
Requested by: Host: animeshls.com
URL: https://animeshls.com/player/scripts.php?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 1cb184523f485ef99a483c6c72f216e335e44feaa5a45692254e31e52b2b1359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:03:41 GMT
content-encoding: gzip
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 23
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 41433
x-amz-cf-id: LxGUB7OpdOACCDiyBLYE150DfMH8toAWpeXHfzXE3-qK6iNbYEA6PQ==

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ Frame 5848 65 KB
20 KB 247ms
112ms Script
application/javascript 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/jwpsrv.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hDZaZjnc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: gzip
via: 1.1 varnish
age: 89
x-cache: HIT
content-length: 19890
x-served-by: cache-sof1510020-SOF
last-modified: Thu, 14 Dec 2023 19:59:18 GMT
server: AmazonS3
x-timer: S1703214244.393480,VS0,VE0
etag: "1a96e7c0d0040b922d2458e3bc2cfe7f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 29

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ Frame 5848 318 KB
83 KB 241ms
112ms Script
application/javascript 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/jwplayer.core.controls.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hDZaZjnc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3213348
x-cache: HIT
content-length: 85284
x-served-by: cache-sof1510020-SOF
last-modified: Mon, 13 Nov 2023 20:12:20 GMT
server: AmazonS3
x-timer: S1703214244.393477,VS0,VE0
etag: "95e4ba794923b67ae5be72627198a8b3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 757059

GET
H2 200 pt.json Show response
ssl.p.jwpcdn.com/player/v/8.30.1/translations/ Frame 5848 4 KB
2 KB 186ms
58ms XHR
application/json 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/translations/pt.json
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hDZaZjnc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e131cde2cb0c7a07be92160d5080716139f800636d471cd2c0a5e3c1310cf4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2286929
x-cache: HIT
content-length: 1449
x-served-by: cache-sof1510021-SOF
last-modified: Mon, 13 Nov 2023 20:12:33 GMT
server: AmazonS3
x-timer: S1703214244.395617,VS0,VE0
etag: "d38ea3780a421961071427e9dd1f73a3"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3026

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ Frame 5848 413 KB
124 KB 181ms
56ms Script
application/javascript 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hDZaZjnc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3213349
x-cache: HIT
content-length: 126154
x-served-by: cache-sof1510020-SOF
last-modified: Mon, 13 Nov 2023 20:12:23 GMT
server: AmazonS3
x-timer: S1703214244.393333,VS0,VE0
etag: "c735ce7c150fe5e0fdf3e61f12fd8527"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 738984

GET
H2 200 thumbnails.vtt Show response
anionhls.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/thumbnails/ Frame 5848 6 KB
1 KB 264ms
126ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anionhls.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/thumbnails/thumbnails.vtt
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hDZaZjnc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161623a7a78f153b95dec48329122964372a8af38d380a95b412ca39f3cf7e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 22:16:46 GMT
server: cloudflare
etag: W/"6584b94e-1638"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47sR8Bm0i%2B4FbcEPiULDZiqCM4i75LD%2FXw1X8dYpu84arBxbnkfxVWhK1yhSZ2d8kIJULRoG8D0k8shfcHqr5sKuXsUAJqwdlKEU%2BQLtl0Md1QupTJHtePM4L8fU2TjxWkGFNPAdX1TOZhkX"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 839522a619fc6fc0-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Range
expires: Sat, 21 Dec 2024 03:04:04 GMT

GET
H2 200 provider.cast.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ Frame 5848 30 KB
10 KB 57ms
57ms Script
application/javascript 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.cast.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hDZaZjnc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3212922
x-cache: HIT
content-length: 10035
x-served-by: cache-sof1510020-SOF
last-modified: Mon, 13 Nov 2023 20:12:23 GMT
server: AmazonS3
x-timer: S1703214245.691733,VS0,VE0
etag: "11ee85ad71debb9f00a186341c5562fb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 442765

GET
H3 200 master.txt Show response
animeshls.com/cdn/hls/8166ae8c715d6085346d104734ca6ea6/ Frame 5848 413 B
904 B 148ms
148ms XHR
text/plain 2606:4700:3030::ac43:d00b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animeshls.com/cdn/hls/8166ae8c715d6085346d104734ca6ea6/master.txt?s=1&d=
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d00b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ee9d17943251324874eb9de938d9573aad30c009f7b3ba70acbd4dbfffd7ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlDicszZzqXRMx3XD9OtY5SNWacAvUsSg2xaJqdui0uAgpkyAZ6%2BoRjjPF%2FbzDE9%2FwbaRRD8pBCgXqKmmxFMUUK5Z4yWUkkKkz3NdGtNjF51bu1TUzrsuaRcfdVqjDEVHfN7PMxzWIskJOW0"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex,nofollow,noarchive,nosnippet,noydir,noodp
cf-ray: 839522a54a2a9c0a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5848 4 KB
2 KB 148ms
55ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hDZaZjnc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 03:04:04 GMT

GET
H3 200 aFFjeWxvZFYvN1VLcjNnNnZ4b2FBRWp1aUJydjR1NDcxV0NIWlJkWGVUMktCK2YyTG55dEJWcDgwd2F2dERTckNsd2llRjlnSFNUYk5waEZHMm5rc1lrRC9JWGY2aEZnejFLKytxVW1TUTFodFhud3RpcUJXUVYzbFYzM1JvV0xIQkUxMXV6cENMOXJQYW9DYXRHY... Show response
animeshls.com/m3/ Frame 5848 45 KB
4 KB 94ms
93ms XHR
text/plain 2606:4700:3030::ac43:d00b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animeshls.com/m3/aFFjeWxvZFYvN1VLcjNnNnZ4b2FBRWp1aUJydjR1NDcxV0NIWlJkWGVUMktCK2YyTG55dEJWcDgwd2F2dERTckNsd2llRjlnSFNUYk5waEZHMm5rc1lrRC9JWGY2aEZnejFLKytxVW1TUTFodFhud3RpcUJXUVYzbFYzM1JvV0xIQkUxMXV6cENMOXJQYW9DYXRHYkZmZG13Z2tkTWg2ZjJ1OG9odGVFQ3JFSnZUWUJTMUkvb0crWTVjd1pFWG0w
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d00b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d123fc76de8280cfa9fe8f6a423eeb440790a7ffa9762a4b7e2d926eb46814b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/player/index.php?data=d5bbac9c0f6a055d48acb3356f2391fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9SiJkUaqm5T6JjDcPQD3eYg84Th7bCJsFdORDbRSJUF%2FHLxJA3w2r%2F0WOSuuXJur%2FNo2WNCzjKqblGRRXSSPZ2SY0SlOBINsMVVlzT5bk3GZg9OW5rBMO9QYDZ51pdU%2B0jv1oRjzof7kW8x"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex,nofollow,noarchive,nosnippet,noydir,noodp
cf-ray: 839522a65aac9c0a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 5848 35 KB
12 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Fri, 22 Dec 2023 03:04:04 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 5848 50 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 10:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 22 Dec 2023 10:02:13 GMT

GET
H2 200 720p0.jpg Show response
anionhls.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/ Frame 5848 343 KB
344 KB 57ms
57ms XHR
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anionhls.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/720p0.jpg
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6cb5aaae79f6ef5a454640d75a124431c931fb7063d5a2146a37e54da7b255c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16753
alt-svc: h3=":443"; ma=86400
content-length: 350996
last-modified: Thu, 21 Dec 2023 22:16:46 GMT
server: cloudflare
etag: "6584b94e-55b14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSbEMcEUXUNnNPjnsyeWdIn%2BdCvmvILc3iIoIRgf3%2B9FdZOiwNAKRkqa8aSWdcJ0cHZ4yflJ7vglJtAAr50SmooDeXm%2B0WwbD71xyKq%2FXWxV4mlOd7g2a%2FBYcXcn1fL5eKs7c1s%2Fe0uOVGXe"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 839522a79aae6fc0-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Range
expires: Fri, 20 Dec 2024 22:24:52 GMT

GET
BLOB 200
OK e08b8b5d-d424-4e61-9ab8-1c11ab023da4
https://animeshls.com/ Frame 5848 366 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://animeshls.com/e08b8b5d-d424-4e61-9ab8-1c11ab023da4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 374591
Content-Type: text/javascript

GET
H2 200 720p1.jpg Show response
anionhls2.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/ Frame 5848 336 KB
337 KB 247ms
130ms XHR
image/jpeg 2606:4700:3032::6815:d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anionhls2.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/720p1.jpg
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03efb4bd33aeb03d97f2c7962f6502058305f1529c8572bc4ea58ea090f12f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 343852
last-modified: Thu, 21 Dec 2023 22:16:46 GMT
server: cloudflare
etag: "6584b94e-53f2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZZCg4zMxPUK5FcRdPXIK774fSiJ%2FrLc4uU2bLN9pKPFYrd72qHX2IchrVGqiPXdStaz5xsVMx1MF5oKrJ%2FizC3Z5fFgJBJ3G7gbdJx3nOUWfhgV7BV9UzlmQdf7kF4pDsa7EnN71ITK0mBpmw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 839522a9e9bb2c36-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Range
expires: Sat, 21 Dec 2024 03:04:05 GMT

GET
H2 200 720p2.jpg Show response
anionhls3.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/ Frame 5848 336 KB
337 KB 246ms
130ms XHR
image/jpeg 2606:4700:3035::6815:15e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anionhls3.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/720p2.jpg
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:15e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e007775c4b29a13e0729a263fbbc091ad88850d299f6dad724eb84eacfcdd98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 343852
last-modified: Thu, 21 Dec 2023 22:16:46 GMT
server: cloudflare
etag: "6584b94e-53f2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9NQjL6XY4lw4xo0joM41v9D%2BvcDcxnhZtuQrSN1YKStMivxicUE9W%2BHMwzSt3cLJ23A8GKAmKnQvAJor8qlM00Z2LPvHp8oJ56B2Rs1i746AvRYIy7gitvFskY9Xk4sdBXHFJhJYLCSsODdGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 839522ac8a6d2bc2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Range
expires: Sat, 21 Dec 2024 03:04:05 GMT

GET
H2 200 720p3.jpg Show response
anionhls4.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/ Frame 5848 357 KB
358 KB 242ms
133ms XHR
image/jpeg 2606:4700:3035::ac43:9034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anionhls4.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/720p3.jpg
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7474e4a322f2514677d8b23822ec1bb75846263432743b1eeedb913017e8db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 365284
last-modified: Thu, 21 Dec 2023 22:16:46 GMT
server: cloudflare
etag: "6584b94e-592e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcED%2FA1iziMAvQWN%2BDmNQgAFl89LbTEANh%2BjXIU2fY5s%2FE2NhssRYTaaZB6wsZEh1naInmb44emhh05WNdd7AwVW2qUYUNRK9PRjFz%2Bg8Zpz00zqcDg7WOZIGQunR3GFwWKdQgp01tQb6%2FxrlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 839522aebc2303b8-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Range
expires: Sat, 21 Dec 2024 03:04:06 GMT

GET
H2 200 720p4.jpg
anionhls5.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/ Frame 5848 382 KB
383 KB 290ms
162ms XHR
image/jpeg 2606:4700:3035::6815:2e7d

General

Check archive.org

Show headers Download Go to

Full URL: https://anionhls5.site/cdn/down/8166ae8c715d6085346d104734ca6ea6/720p/720p4.jpg
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e7d -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://animeshls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:04:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 391040
last-modified: Thu, 21 Dec 2023 22:16:46 GMT
server: cloudflare
etag: "6584b94e-5f780"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyQqSHstPyMPW8j7V0OW9pgZdt4h%2B84AVbaz8A0qv%2FM7jH5RsSz9RKru3N%2F8DmNQJSaxEJr5wHslpu1f6BDDJa7EPyROvTPrSz4S0Tg7VYDoJndPbMxnsAPGRF5YpbqACPQavNhJrzID5nYvJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 839522b12ebbb7f7-AMS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Range
expires: Sat, 21 Dec 2024 03:04:06 GMT

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
financasdeouro.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d51f48af1cc710ddf250e4e830dfdf63
live.demand.supply/	1970-01-21 02:42:54	Name: demandSupplyTi Value: f81a3498-6dcf-4e96-a39d-74fc7bfad019
.demand.supply/	1970-01-20 17:06:56	Name: __cf_bm Value: BPe4UjlROoRqrf54lmO0koPVar9gbuoEaQkDUtIP9hs-1703214241-1-AfiivWrS5BpcWQJe1YMk3HL1fIp8hX2FdZORX4wRCqNUPbRGoq8RnxyDCpjTlMd4XzN+p+ci8fW8GaM6dEHjjDk=
.financasdeouro.com/	1970-01-20 19:16:30	Name: sharedid Value: 59e93508-ef2b-4397-9c69-f2185b031a89
.financasdeouro.com/	1970-01-20 19:16:30	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F459222A4796B3BC5A624746187924E5A9D85256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://live.demand.supply/up.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/disable-devtool, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.themoneytizer.com/s/gen.js?type=28, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=28, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.themoneytizer.com/s/gen.js?type=19, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=19, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.themoneytizer.com/s/gen.js?type=2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.themoneytizer.com/s/gen.js?type=31, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://financasdeouro.com/construcao-tem-maior-desempenho-desde-2010/(Line 71) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.themoneytizer.com/s/requestform.js?siteId=97290&formatId=31, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering	warning	URL: https://content.jwplatform.com/libraries/hDZaZjnc.js(Line 9) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adtrack.adleadevent.com
animeshls.com
anionhls.site
anionhls2.site
anionhls3.site
anionhls4.site
anionhls5.site
api.cmp.inmobi.com
c.tmyzer.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ced.sascdn.com
cmp.inmobi.com
cmp.quantcast.com
code.jquery.com
content.jwplatform.com
financasdeouro.com
gum.criteo.com
id5-sync.com
lb.eu-1-id5-sync.com
linkae.club
live.demand.supply
maxcdn.bootstrapcdn.com
meusanimesbr.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
playerhd.me
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.p.jwpcdn.com
tag.leadplace.fr
waust.at
whos.amung.us
www.gstatic.com
141.95.98.64
145.239.192.166
162.19.138.82
2.16.202.120
2600:9000:214f:2000:1b:cadc:ef40:93a1
2600:9000:223c:8e00:6:44e3:f8c0:93a1
2600:9000:225e:3a00:1:a3fa:7cc0:93a1
2600:9000:2644:ee00:9:46dc:4700:93a1
2606:4700:10::6816:4aab
2606:4700:20::681a:507
2606:4700:3030::ac43:d00b
2606:4700:3032::6815:d6a
2606:4700:3033::ac43:c917
2606:4700:3035::6815:15e
2606:4700:3035::6815:2e7d
2606:4700:3035::ac43:9034
2606:4700:3035::ac43:b2a4
2606:4700:3037::ac43:9530
2606:4700::6810:5714
2606:4700::6810:8616
2606:4700::6811:190e
2606:4700::6812:acf
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:808::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a02:2638:3::c
2a02:6ea0:c700::22
2a04:4e42:400::626
2a04:4e42:400::649
2a06:98c1:3120::3
2a06:98c1:3121::3
3.120.118.60
51.89.9.254
52.50.140.7
54.171.165.5
54.38.64.100
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
03efb4bd33aeb03d97f2c7962f6502058305f1529c8572bc4ea58ea090f12f28
0c2b81d230ad18d607718457c19b4acedfdb18b2dc84f3f04a51ff8e4cf22a74
0d1928272ce64ded948989f19e4c84706e60771eae4c6b404cf50ec38a767308
0e007775c4b29a13e0729a263fbbc091ad88850d299f6dad724eb84eacfcdd98
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
146f0dabd339716f2f0cc2d54fc8ab2ca317f6f3216cb9cb83111e3d3e26db68
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
161623a7a78f153b95dec48329122964372a8af38d380a95b412ca39f3cf7e99
173e28fa91944dfb834acd6a2416dd85a7b2e825fb99a7e7565ee98c76f1f2bd
1cb184523f485ef99a483c6c72f216e335e44feaa5a45692254e31e52b2b1359
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839
21e3619d1436377e6f493faf900b862c3ad1fdda5cdfc9e988a624ef4aa50fcf
22abe317cc981f93a112f94a7bdd19ee68a2c436c4e2c6d242a7732849673cc3
25d6adbfc7ba027f901092b7b0fe0ea6622309348573ccc196430f0e049df72f
2d123fc76de8280cfa9fe8f6a423eeb440790a7ffa9762a4b7e2d926eb46814b
2eb113e9d0d4ea66e333441e211ac6835f3d4429534c048a6277cb58731fd32b
33a654617feb0bffafaae3b90f6ad3ba447ca41140b578cebcc3be1524df824a
37e6c675aa9c713e4a3eab66100ef0c9f634247939591ecd080305adbd914923
39109b62bfd99a39e5105acb335eb7b72c1fb63bf6427d7fa8d0b4dea09556ff
3e80ccbe6fe88155e3bdff0b3860a79185986ccc01e184b511dbd71d78984650
404ea20311ec76016cd3e0ea556fdef25cba45f5144ddd7ea3fe9217793a87e6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
45d9d5e9a931d0a6e25f7d5cde6aa9b3ab5b0ac4e6f218f999f1c19e02396d80
4706038b3307c77004d5ff8197cabfebef891fd04ef9c9d94cb2d50493666fcb
4dd00a6c843fa8c9388bfe827d73c0de2aa6dabbbc62bc5db30a3ad8c7986cea
53bc1f5f6d88ee88553a200df4f0c3600131d86615eedda8897e20360b95e77a
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
588a3e6c2e3231f662bed4d69dc2a0359a0e33f37c5fb73ac1b52c6b9f34b30b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a900cdf5c7e8e480df906ac14a672e46a5b0a9537a4fa50655554c6554b95ff
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc
6ed7262dc37e0537a508b3daa2fc9511a00f18d9d0a5efd31c30eacc2c2eb867
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8397b431450eb5b60d80f4ee40bc8ef56c4affea0214b7e5d4ba4a45618ed022
8b3de74ce10d81cbf818a79d3e9540bfdc8281e62d118de5553fd98c042de114
93227ef1f3ff3e07bb5e719de8845f1e53e776f7fa24e55fbd7acd802984a44c
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16
9d08d3d3319bf929a2e38810f8981203ae3ddaa55438bd05a29731f390ba19ab
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3
a6cb5aaae79f6ef5a454640d75a124431c931fb7063d5a2146a37e54da7b255c
af2419dd15e09ea913cfe94d130f9870486732e57764e0f02ea3846f204146ee
b140d686a6c1e8d941cb2400e1144911dc61ecceab5bc6fe54d17275221888c5
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c2d673b737e482cc8f5ae9957691be3bf9d9857d6223492278de1b745f5ba49b
c6c9ec4aa1d803fc61ea4a972c364f01d79b0fd94c56404973ed49f50dbc2c4c
c71b9f860fe9bac0f75a98fcb50dc1c4f77e59201ef22001131d3a1adc20fcb0
c7474e4a322f2514677d8b23822ec1bb75846263432743b1eeedb913017e8db6
cb5aa8bd6ad27bfa57b58f22fe6a4eceb6aa79eb0a07eaeef2758903ecc54f38
d1eed86a7280da4a75506d5d2bd1a672f280f8865070d472c5c60fc8f1dcb6d5
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f
dd687a622f1b98c07951da92b18d142e9fa6baa4ba978c0c9f899d7d61b0f734
e131cde2cb0c7a07be92160d5080716139f800636d471cd2c0a5e3c1310cf4f5
e1ee9d17943251324874eb9de938d9573aad30c009f7b3ba70acbd4dbfffd7ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f
e7696f4025ec44b235203d98053e14776de89e9ae9bd16d1afdeba433fc0f421
ea2c092659963d3f030a5735495274a0ba0a9bccfcc6124e900498bf91b02331
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eeb9313c82b0f1390a33cd1b7f724ae5c645d90be84309da2dceaed7dc9a08ec
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5b0c3910204441d636d32e3fbbecbec938f8450b1aadd1ddcfdcee8d525a0b3
f9e586f9a00225cdd1979821527ae4960ee7c7b3b33e0f99aa195ff4f0a55e5f
fc6b22eaf1cdef54bcc82d8464a9fe50c6441aa347519d6935bd78a718d32755
fd500dc338e9ea802f0122e9b5586953327acb1a431dacc95010011e55e935de

financasdeouro.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

98 %HTTPS

76 %IPv6

36 Domains

37 Subdomains

37 IPs

5 Countries

3082 kBTransfer

7054 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

financasdeouro.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

98 %
HTTPS

76 %
IPv6

36
Domains

37
Subdomains

37
IPs

5
Countries

3082 kB
Transfer

7054 kB
Size

6
Cookies

97 HTTP transactions
2 data transactions