emprestimosim.com.br Open in urlscan Pro
52.151.244.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://emprestimosim.com.br/
Submission: On December 13 via manual (December 13th 2022, 12:36:34 pm UTC) from BR — Scanned from DE

Summary HTTP 199 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 86 IPs in 10 countries across 70 domains to perform 199 HTTP transactions. The main IP is 52.151.244.28, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is emprestimosim.com.br.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 11th 2022. Valid for: a year.

This is the only time emprestimosim.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	52.151.244.28 52.151.244.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	52.215.57.152 52.215.57.152	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:20:... 2606:4700:20::ac43:494b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.207.128.163 44.207.128.163	14618 (AMAZON-AES) (AMAZON-AES)
2	177.54.158.78 177.54.158.78	262287 (Latitude....) (Latitude.sh LTDA)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:83bb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:47d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3	2a03:2880:f17... 2a03:2880:f173:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.69 13.32.27.69	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	18.66.112.106 18.66.112.106	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
4	2a05:d018:94a... 2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	54.94.210.1 54.94.210.1	16509 (AMAZON-02) (AMAZON-02)
5	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	99.80.34.209 99.80.34.209	16509 (AMAZON-02) (AMAZON-02)
5	95.101.111.42 95.101.111.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
3	2606:4700:303... 2606:4700:3030::ac43:a84c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	54.207.14.86 54.207.14.86	16509 (AMAZON-02) (AMAZON-02)
4 5	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.84.230.86 54.84.230.86	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	35.158.31.44 35.158.31.44	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.194.160.80 54.194.160.80	16509 (AMAZON-02) (AMAZON-02)
1	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.196.238.199 18.196.238.199	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
1	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	18.158.8.202 18.158.8.202	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	52.213.249.147 52.213.249.147	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.158.195.201 35.158.195.201	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:7c0:9dd:bfc5:265a	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.31.94.14 184.31.94.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.155.179.95 54.155.179.95	16509 (AMAZON-02) (AMAZON-02)
2 6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.252.45.249 34.252.45.249	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6811:5459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.117.134.138 185.117.134.138	204006 (IQOPTION) (IQOPTION)
1 1	45.60.156.148 45.60.156.148	19551 (INCAPSULA) (INCAPSULA)
1	13.59.93.104 13.59.93.104	16509 (AMAZON-02) (AMAZON-02)
2	138.197.230.29 138.197.230.29	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
2	144.126.250.218 144.126.250.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.156.53.91 104.156.53.91	29802 (HVC-AS) (HVC-AS)
3	52.28.121.127 52.28.121.127	16509 (AMAZON-02) (AMAZON-02)
1 1	51.158.28.82 51.158.28.82	12876 (Online SAS) (Online SAS)
1 2	51.15.145.116 51.15.145.116	12876 (Online SAS) (Online SAS)
2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
199	86

49 52.151.244.28 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

emprestimosim.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

9568187.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.57.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-57-152.eu-west-1.compute.amazonaws.com

smct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:494b (United States)

ASN13335 (CLOUDFLARENET, US)

plugins.soclminer.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.128.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-128-163.compute-1.amazonaws.com

secure.afilio.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 177.54.158.78 (Brazil)

ASN262287 (Latitude.sh LTDA, BR)
PTR: game.strongerhosting.com.br

advcake.dataroyal.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hitbr.acstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rtg.admasters.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:83bb (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:47d (United States)

ASN13335 (CLOUDFLARENET, US)

js.smct.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-69.fra56.r.cloudfront.net

ls.smct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-106.fra56.r.cloudfront.net

d2d7do8qaecbru.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.94.210.1 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-210-1.sa-east-1.compute.amazonaws.com

event.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-14643-9.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.34.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-34-209.eu-west-1.compute.amazonaws.com

firehose.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.101.111.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-42.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:a84c (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.rubiconredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scripts.rubiconredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.207.14.86 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-207-14-86.sa-east-1.compute.amazonaws.com

cms.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.180 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.230.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-230-86.compute-1.amazonaws.com

api.soclminer.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.31.44 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-31-44.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.160.80 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-160-80.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.238.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-238-199.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.249.147 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-249-147.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.195.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-195-201.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:7c0:9dd:bfc5:265a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.94.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-94-14.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.179.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-179-95.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

redirect.lista10.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
altopd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.datnova.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.45.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-45-249.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5459 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

br.betano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.117.134.138 (Cyprus) 1 redirects

ASN204006 (IQOPTION, CY)

iqbroker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.156.148 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

affiliate.iqbroker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.59.93.104 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-59-93-104.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.197.230.29 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rd.afftrack.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.126.250.218 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

tags.fulllab.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.156.53.91 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: 104-156-53-91.static.hvvc.us

rtgpix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.121.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-121-127.eu-central-1.compute.amazonaws.com

pixel.adensemble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.82 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.15.145.116 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 51-15-145-116.rev.poneytelecom.eu

js.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	emprestimosim.com.br emprestimosim.com.br	952 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 399 mug.criteo.com — Cisco Umbrella Rank: 3032 sslwidget.criteo.com — Cisco Umbrella Rank: 1722 widget.us.criteo.com — Cisco Umbrella Rank: 22535 dis.criteo.com — Cisco Umbrella Rank: 700	14 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1311 k.clarity.ms — Cisco Umbrella Rank: 9569 c.clarity.ms — Cisco Umbrella Rank: 1818	24 KB
8	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 52466 d.tailtarget.com — Cisco Umbrella Rank: 62320 tt-14643-9.seg.t.tailtarget.com b.t.tailtarget.com — Cisco Umbrella Rank: 46319 t.tailtarget.com — Cisco Umbrella Rank: 6402	23 KB
8	doubleclick.net 3 redirects 9568187.fls.doubleclick.net — Cisco Umbrella Rank: 260941 stats.g.doubleclick.net — Cisco Umbrella Rank: 81 pubads.g.doubleclick.net — Cisco Umbrella Rank: 419 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	5 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1066 trc.taboola.com — Cisco Umbrella Rank: 693 pips.taboola.com — Cisco Umbrella Rank: 1593 cds.taboola.com — Cisco Umbrella Rank: 1674 trc-events.taboola.com — Cisco Umbrella Rank: 1667 sync-t1.taboola.com — Cisco Umbrella Rank: 1270	22 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 218 secure.adnxs.com — Cisco Umbrella Rank: 430	7 KB
6	amazonaws.com cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 11576 firehose.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 13258	3 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	54 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 789	95 KB
5	getblue.io event.getblue.io — Cisco Umbrella Rank: 33249 widget.getblue.io — Cisco Umbrella Rank: 35046 cms.getblue.io — Cisco Umbrella Rank: 44970	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 7952 adservice.google.de — Cisco Umbrella Rank: 11832	1 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 373 c.bing.com — Cisco Umbrella Rank: 256	14 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 446	113 KB
3	adensemble.com pixel.adensemble.com — Cisco Umbrella Rank: 105304	4 KB
3	iqbroker.com 2 redirects iqbroker.com — Cisco Umbrella Rank: 122663 affiliate.iqbroker.com — Cisco Umbrella Rank: 183213	2 KB
3	rubiconredirect.com pixel.rubiconredirect.com — Cisco Umbrella Rank: 521445 scripts.rubiconredirect.com — Cisco Umbrella Rank: 160263	35 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	234 B
3	smct.io js.smct.io — Cisco Umbrella Rank: 36922	33 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	55 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	198 KB
2	sddan.com 1 redirects js.sddan.com — Cisco Umbrella Rank: 40085	5 KB
2	fulllab.com.br tags.fulllab.com.br — Cisco Umbrella Rank: 409940	3 KB
2	afftrack.pro rd.afftrack.pro — Cisco Umbrella Rank: 415740	1 KB
2	betano.com 1 redirects br.betano.com — Cisco Umbrella Rank: 109377	449 B
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 63750	2 KB
2	lista10.dev redirect.lista10.dev — Cisco Umbrella Rank: 341864	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 206	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 684	854 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1317	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	877 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1199 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	1 KB
2	admasters.media rtg.admasters.media — Cisco Umbrella Rank: 292088	28 KB
2	soclminer.com.br plugins.soclminer.com.br — Cisco Umbrella Rank: 124660 api.soclminer.com.br — Cisco Umbrella Rank: 136513	76 KB
2	smct.co smct.co — Cisco Umbrella Rank: 23735 ls.smct.co — Cisco Umbrella Rank: 85256	4 KB
1	datnova.com trk.datnova.com — Cisco Umbrella Rank: 212273	962 B
1	cookieless-data.com 1 redirects js.cookieless-data.com — Cisco Umbrella Rank: 6160	650 B
1	rtgpix.com rtgpix.com — Cisco Umbrella Rank: 472186
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 19084	246 B
1	altopd.com altopd.com — Cisco Umbrella Rank: 122812
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1795	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 549	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1924	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5106	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 41808	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2306	183 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1294	879 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2571	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 448	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 827	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1537	163 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 770	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 350	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1872	172 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 506	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 321	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 737	145 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 553	787 B
1	metaffiliation.com img.metaffiliation.com — Cisco Umbrella Rank: 81726	10 KB
1	acstat.com hitbr.acstat.com — Cisco Umbrella Rank: 193815	529 B
1	cloudfront.net d2d7do8qaecbru.cloudfront.net	812 B
1	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 51528	33 KB
1	dataroyal.com.br advcake.dataroyal.com.br — Cisco Umbrella Rank: 208497	14 KB
1	afilio.com.br secure.afilio.com.br — Cisco Umbrella Rank: 183322	497 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 662	14 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 396	16 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 687	30 KB
199	70

	Domain	Requested by
49	emprestimosim.com.br	emprestimosim.com.br
6	cdnjs.cloudflare.com	emprestimosim.com.br tags.fulllab.com.br
5	ib.adnxs.com	4 redirects event.getblue.io
5	analytics.tiktok.com	emprestimosim.com.br analytics.tiktok.com
5	gum.criteo.com	4 redirects static.criteo.net
4	cognito-identity.eu-west-1.amazonaws.com	js.smct.io
4	k.clarity.ms	www.clarity.ms
4	use.typekit.net	emprestimosim.com.br
3	pixel.adensemble.com	img.metaffiliation.com pixel.adensemble.com
3	www.facebook.com	emprestimosim.com.br
3	js.smct.io	smct.co js.smct.io
3	www.google.de	emprestimosim.com.br
3	www.google.com	emprestimosim.com.br
3	bat.bing.com	emprestimosim.com.br bat.bing.com
3	www.clarity.ms	www.googletagmanager.com www.clarity.ms bat.bing.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com emprestimosim.com.br
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.googletagmanager.com	emprestimosim.com.br tags.t.tailtarget.com www.googletagmanager.com
2	secure.adnxs.com
2	js.sddan.com	1 redirects
2	tags.fulllab.com.br	img.metaffiliation.com tags.fulllab.com.br
2	rd.afftrack.pro	emprestimosim.com.br rd.afftrack.pro
2	iqbroker.com	1 redirects redirect.lista10.dev
2	br.betano.com	1 redirects redirect.lista10.dev
2	gml-grp.com	2 redirects
2	redirect.lista10.dev	rtg.admasters.media
2	dpm.demdex.net	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	c.clarity.ms	1 redirects
2	cms.getblue.io	event.getblue.io
2	cm.g.doubleclick.net	2 redirects
2	trc-events.taboola.com	cdn.taboola.com
2	pixel.rubiconredirect.com	emprestimosim.com.br
2	firehose.eu-west-1.amazonaws.com	js.smct.io
2	b.t.tailtarget.com	d.tailtarget.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	tt-14643-9.seg.t.tailtarget.com	emprestimosim.com.br d.tailtarget.com
2	event.getblue.io	www.googletagmanager.com event.getblue.io
2	d.tailtarget.com	emprestimosim.com.br d.tailtarget.com
2	rtg.admasters.media	emprestimosim.com.br rtg.admasters.media
2	9568187.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
1	trk.datnova.com	js.cookieless-data.com
1	js.cookieless-data.com	1 redirects
1	rtgpix.com	emprestimosim.com.br
1	www.rtb123.com	emprestimosim.com.br
1	altopd.com	img.metaffiliation.com
1	s.thebrighttag.com
1	affiliate.iqbroker.com	1 redirects
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	e1.emxdgt.com
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	contextual.media.net
1	c.bing.com	1 redirects
1	api.soclminer.com.br	plugins.soclminer.com.br
1	scripts.rubiconredirect.com	pixel.rubiconredirect.com
1	t.tailtarget.com	emprestimosim.com.br
1	widget.getblue.io	event.getblue.io
1	img.metaffiliation.com	www.googletagmanager.com
1	hitbr.acstat.com	advcake.dataroyal.com.br
1	pubads.g.doubleclick.net	emprestimosim.com.br
1	cds.taboola.com	cdn.taboola.com
1	d2d7do8qaecbru.cloudfront.net	js.smct.io
1	pips.taboola.com	cdn.taboola.com
1	ls.smct.co	js.smct.io
1	widget.us.criteo.com	emprestimosim.com.br
1	sslwidget.criteo.com	1 redirects
1	adservice.google.de	adservice.google.com
1	trc.taboola.com	cdn.taboola.com
1	adservice.google.com	9568187.fls.doubleclick.net
1	mug.criteo.com	emprestimosim.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	sp.analytics.yahoo.com	emprestimosim.com.br
1	scripts.prdredir.com	www.googletagmanager.com
1	tags.t.tailtarget.com	emprestimosim.com.br
1	advcake.dataroyal.com.br	emprestimosim.com.br
1	secure.afilio.com.br	www.googletagmanager.com
1	plugins.soclminer.com.br	emprestimosim.com.br
1	static.criteo.net	www.googletagmanager.com
1	smct.co	www.googletagmanager.com
1	cdn.jsdelivr.net	emprestimosim.com.br
1	code.jquery.com	emprestimosim.com.br
199	101

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
75ua.adj.st
economia.estadao.com.br
fdr.com.br
exame.abril.com.br
exame.com
seucreditodigital.com.br
veja.abril.com.br
www.infomoney.com.br
www.facebook.com
www.instagram.com
www.linkedin.com
play.google.com
apps.apple.com
api.whatsapp.com
www.susep.gov.br
www.emprestimosim.com.br

Subject Issuer	Validity	Valid
www.emprestimosim.com.br Entrust Certification Authority - L1K	`2022-05-11` - `2023-05-09`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-21` - `2022-12-20`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
smct.co Amazon	`2022-04-17` - `2023-05-16`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.soclminer.com.br E1	`2022-11-19` - `2023-02-17`	3 months	crt.sh
afilio.com.br Amazon	`2022-03-28` - `2023-04-25`	a year	crt.sh
br.acstat.com R3	`2022-12-12` - `2023-03-12`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-10` - `2023-07-10`	a year	crt.sh
*.prdredir.com E1	`2022-11-11` - `2023-02-09`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.intent.ly Amazon	`2022-06-26` - `2023-07-25`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon	`2022-06-07` - `2023-07-06`	a year	crt.sh
*.getblue.io Amazon	`2022-10-22` - `2023-11-20`	a year	crt.sh
firehose.eu-west-1.amazonaws.com Amazon	`2022-06-08` - `2023-05-26`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
img.metaffiliation.com Gandi Standard SSL CA 2	`2021-12-13` - `2023-01-02`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
saleguard.shop Go Daddy Secure Certificate Authority - G2	`2022-06-10` - `2023-06-10`	a year	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2022-02-02` - `2023-03-06`	a year	crt.sh
tags.fulllab.com.br R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
*.rtgpix.com AlphaSSL CA - SHA256 - G2	`2022-01-05` - `2023-02-06`	a year	crt.sh
*.rockmyapps.com Amazon	`2022-05-20` - `2023-06-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://emprestimosim.com.br/
Frame ID: D0B2B085691CF90506188B8E08052E1F
Requests: 153 HTTP requests in this frame

Frame: https://9568187.fls.doubleclick.net/activityi;dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F
Frame ID: 1BFC0B2DD4A29DD7D0A0E1B482D32461
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=emprestimosim.com.br&origin=onetag
Frame ID: 6E516967DECB118973103107526275BF
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F
Frame ID: 7171F54C5E18B7296EB6AD96921A90AF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F
Frame ID: 36DF3E723CCDDF46FD483B39C1368BE0
Requests: 1 HTTP requests in this frame

Frame: https://ls.smct.co/lse1.3.html
Frame ID: 2A5DC9DFD048A15CF721A69CF3364820
Requests: 1 HTTP requests in this frame

Frame: https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Frame ID: 8BD9AA6103AA79128144961B81D1410F
Requests: 1 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&v=13072020-1328&nocache=846657946748.0173
Frame ID: CCADB899217BFBB4F6DAAFA8BE2DDD6E
Requests: 4 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-9iTpRztxfH7zkuTYykwnpSPUNHxe5r-hD9-0_A&expires=30
Frame ID: ACD8442D4E05159194B640CDF5058814
Requests: 27 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=T6TyTk45MGov4cg8
Frame ID: 8E4053CBECF69A906FAF7938111C6406
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=5cXc1fZfx2Azrofy
Frame ID: DDBAA66298A813B0D502B5A90672D75B
Requests: 2 HTTP requests in this frame

Frame: https://tags.fulllab.com.br/safeframe
Frame ID: E04B06E64DB8E2CE8C0B1971C04EE2BA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Online e Rápido | Empréstimo Sim

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

199
Requests

90 %
HTTPS

33 %
IPv6

70
Domains

101
Subdomains

86
IPs

10
Countries

1921 kB
Transfer

3783 kB
Size

120
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=kqB22ycF1j8

Search URL Search Domain Scan URL

URL: https://75ua.adj.st/?adj_t=bh44gam
Title: baixe nosso app!

Search URL Search Domain Scan URL

URL: https://economia.estadao.com.br/blogs/coluna-do-broad/santander-quer-deslanchar-fintech-que-da-credito-pessoal-com-garantias-como-casas-carros-e-motos/

Search URL Search Domain Scan URL

URL: https://fdr.com.br/2020/10/10/santander-plataforma-de-emprestimos-sim-atinge-1-milhao-de-cadastros/

Search URL Search Domain Scan URL

URL: https://exame.abril.com.br/negocios/santander-ira-lancar-novas-plataformas-de-credito-para-brigar-com-fintechs/

Search URL Search Domain Scan URL

URL: https://exame.com/invest/minhas-financas/antecipacao-saque-aniversario-fgts-sim/

Search URL Search Domain Scan URL

URL: https://seucreditodigital.com.br/sim-tem-emprestimo-pessoal-com-taxas-a-partir-de-189-ao-mes/

Search URL Search Domain Scan URL

URL: https://economia.estadao.com.br/blogs/coluna-do-broad/sim-fintech-de-credito-pessoal-do-santander-atinge-r-15-bi-em-carteira/

Search URL Search Domain Scan URL

URL: https://veja.abril.com.br/blog/radar-economico/fintech-do-santander-consegue-alcancar-lucratividade-em-seu-segundo-ano/

Search URL Search Domain Scan URL

URL: https://economia.estadao.com.br/blogs/coluna-do-broad/pagamento-de-dividas-foi-principal-destino-do-credito-na-sim-do-santander/

Search URL Search Domain Scan URL

URL: https://www.infomoney.com.br/minhas-financas/santander-lanca-plataforma-digital-de-emprestimos-com-garantias-variadas-2

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EmprestimoSim

Search URL Search Domain Scan URL

URL: https://www.instagram.com/emprestimosim/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUQmuTiOEyXHVXaKtyiWbGw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/emprestimo-sim

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aymore.sim
Title: Disponível naGoogle Play

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/empr%C3%A9stimo-sim/id1479233209
Title: Disponível naApp Store

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=551130034362
Title: (11) 3003-4362

Search URL Search Domain Scan URL

URL: http://www.susep.gov.br/
Title: SUSEP

Search URL Search Domain Scan URL

URL: http://www.emprestimosim.com.br/
Title: Empréstimo Online e Rápido | Empréstimo Sim

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://9568187.fls.doubleclick.net/activityi;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F HTTP 302
https://9568187.fls.doubleclick.net/activityi;dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F

Request Chain 77

https://gum.criteo.com/sid/json?origin=onetag&domain=emprestimosim.com.br&sn=ChromeSyncframe&so=0&topUrl=emprestimosim.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=beK4P3xtbkgrQkR6N3VWb2hycG13VWV2ZFc1djlxTEI4SEFWeFlmK3haanoycW5IcnpsdlJUejZ4ZHBpUFUrb3UxSWpsN2crRjMzTEJ2NG81VXRJWnVVL1AxdzVEek50T0x1aGlRdGZTSU00OHZhZnRNVU5Nc1grQ3oya0Q5OXZocTlDeEY4VDlyL1BRY0JMYldoNDhBRVN4VjN2b2NCbGhuYnNkU21MWE90SFdsVWEvb1JBREs3UGhiOVJiRnNhY01Zd0Faa1ByajdCUVpnb3NBRkY5S2FyYzF6WEYwT0J1ZGtzT2RhSXI2Wk9Fc3lReng3WERCeVc5Y0lnNGFzaWx2OTVOSTNGK05YQnRic2lvdTJKMk82RlU3OVZYVlpiNHRVYTlJa3dtWGo2OGF6TT18&cppv=2

Request Chain 84

https://sslwidget.criteo.com/event?a=67801&v=5.12.3&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%255B68248%252C67801%255D&adce=1&bundle=-Sr7hF9melR0aGpQaFdFaTM2ODZ1MGM1ZUlpd1NEajJEZUtOZnBtZ1ZFOGhSdGE2SngxUXhZOXUwNU5CTzZRVXZWam9PeFpLVTZQTEpTRkNsQ0E1bjVBdkgwZFJ3Ykc0cFZvWXRZYURQaHVxUTRxMlZIM1hJdmVRZ2NieHVybGpsNU52OWRvNW5YVXJIOExqJTJGeXFvdXJESWlrYTZ3WTZrWjdaRFhHa2M1TjA1OWJlWSUzRA&tld=emprestimosim.com.br&fu=https%253A%252F%252Femprestimosim.com.br%252F&dtycbr=60044 HTTP 302
https://widget.us.criteo.com/event?a=67801&v=5.12.3&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%255B68248%252C67801%255D&adce=1&bundle=-Sr7hF9melR0aGpQaFdFaTM2ODZ1MGM1ZUlpd1NEajJEZUtOZnBtZ1ZFOGhSdGE2SngxUXhZOXUwNU5CTzZRVXZWam9PeFpLVTZQTEpTRkNsQ0E1bjVBdkgwZFJ3Ykc0cFZvWXRZYURQaHVxUTRxMlZIM1hJdmVRZ2NieHVybGpsNU52OWRvNW5YVXJIOExqJTJGeXFvdXJESWlrYTZ3WTZrWjdaRFhHa2M1TjA1OWJlWSUzRA&tld=emprestimosim.com.br&fu=https%253A%252F%252Femprestimosim.com.br%252F&dtycbr=60044

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm&&google_sc&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&google_ula=7141573074&ula=7141573074&google_hm=Q0NFRjM3NEMtQkRFNS00N0RELTlDQTM5MDRENDg5RUVFQTc&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de HTTP 302
https://cms.getblue.io/cm/?src=adx&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&ula=7141573074&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&google_gid=CAESEHhz28m-vYWQmmUQn3zEYcg&google_cver=1&google_ula=7141573074,0

Request Chain 145

https://ib.adnxs.com/setuid?entity=449&code=CCEF374C-BDE5-47DD-9CA3904D489EEEA7 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DCCEF374C-BDE5-47DD-9CA3904D489EEEA7

Request Chain 146

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&appnexusid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3DCCEF374C-BDE5-47DD-9CA3904D489EEEA7%26cid%3D5C452402-DDBE-CC15-BDE4291B44D501AB%26blueID%3D6c5189db-ddcb-44b9-83e0-09e760b0d2de%26appnexusid%3D%24UID HTTP 302
https://cms.getblue.io/cm/?src=appnexus&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&appnexusid=7997888596615906682

Request Chain 150

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B4679A03C59C453D84A87249BC50E0C2&RedC=c.clarity.ms&MXFR=0822308C384A6F6832BC22F53C4A61DC HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B4679A03C59C453D84A87249BC50E0C2&MUID=300CD7B072606F4A31A4C5C973EB6E45

Request Chain 151

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-9iTpRztxfH7zkuTYykwnpSPUNHxe5r-hD9-0_A&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-9iTpRztxfH7zkuTYykwnpSPUNHxe5r-hD9-0_A&expires=30

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-mXePyjtxfH7zkuTYykwnpSPUNHzPTt6AErAJnw&google_cm&google_hm=ay1tWGVQeWp0eGZIN3prdVRZeWt3bnBTUFVOSHpQVHQ2QUVyQUpudw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mXePyjtxfH7zkuTYykwnpSPUNHzPTt6AErAJnw&google_gid=CAESEN5Y97VTLHcVw520bYggiqA&google_cver=1&google_ula=913071,0

Request Chain 153

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7997888596615906682

Request Chain 154

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WvogfDtxfH7zkuTYykwnpSPUNHw_Ze5H0OlvLw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WvogfDtxfH7zkuTYykwnpSPUNHw_Ze5H0OlvLw&C=1

Request Chain 155

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-JDhfJztxfH7zkuTYykwnpSPUNHzW9XF9FbvKtw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JDhfJztxfH7zkuTYykwnpSPUNHzW9XF9FbvKtw

Request Chain 168

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=K6imEIFEShBwBUvDPGAq_8dXh02lHolh HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=K6imEIFEShBwBUvDPGAq_8dXh02lHolh

Request Chain 178

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wHvUzc8U1CyHqjndvaxDlHga82LB9VqZ

Request Chain 179

https://gml-grp.com/C.ashx?btag=a_15474b_1238c_&affid=3237&siteid=15474&adid=1238&c= HTTP 302
https://gml-grp.com/C.ashx?btag=a_15474b_1238c_&affid=3237&siteid=15474&adid=1238&c=&AutoR=1 HTTP 302
https://br.betano.com/register/?btag=a_15474b_1238c_[CustomMergeFields]&siteid=15474 HTTP 302
https://br.betano.com/myaccount/ban/country-341630?siteid=14

Request Chain 180

https://iqbroker.com/lp/mobile-partner/en/?aff=298933 HTTP 302
https://affiliate.iqbroker.com/redir/?forceBackLink=1&aff=298933 HTTP 302
https://iqbroker.com/lp/mobile-partner/pt/

Request Chain 181

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=r2X3Y2cHDYnGq1ztv5KyyG8azbW70fhl

Request Chain 188

https://js.cookieless-data.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F HTTP 307
https://js.sddan.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F HTTP 307
https://js.sddan.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F&bounce=1

199 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
emprestimosim.com.br/ 67 KB
13 KB 1152ms
183ms Document
text/html 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4234bf083c1466c6b8153cbe8d76bf6c652374b71acfb880a1ea164d2ad936f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=188
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 12911
Content-MD5: Cg9085ZlL/v61BblJEodDw==
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html
Date: Tue, 13 Dec 2022 12:36:26 GMT
ETag: "0x8DAD39729DDF419"
Last-Modified: Thu, 01 Dec 2022 12:25:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
x-ms-request-id: 6d5f5ff6-001e-0009-3b80-057e74000000
x-ms-version: 2018-03-28

GET
H/1.1 200
OK hero-1@2x.webp
emprestimosim.com.br/assets/images/home/mobile/ 64 KB
65 KB 108ms
108ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/mobile/hero-1@2x.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb6ca7237fd2b9557a45cea307ecb486a0d89628fc57d04e493ec2c6b2e4f593

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: +qzWmU3OCu5UMnKV0QdO9Q==
Connection: keep-alive
Content-Length: 65582
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:59 GMT
ETag: "0x8DAD397340AEF09"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: 4592c1fa-f01e-006f-3380-053154000000
Cache-Control: max-age=248
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK hero1@2x.webp
emprestimosim.com.br/assets/images/home/desktop/ 115 KB
116 KB 382ms
195ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/desktop/hero1@2x.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

99b9b5bf1a7bdef4dd05098794e94d501398d874d23473197561f5bfa3b1831b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: x+JxZGHa9RDqFzxoDOwUnw==
Connection: keep-alive
Content-Length: 117914
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:00 GMT
ETag: "0x8DAD39734C3F913"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: 6d5f2ea4-001e-0009-3980-057e74000000
Cache-Control: max-age=226
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK style.min.css
emprestimosim.com.br/assets/css/ 190 KB
32 KB 380ms
196ms Stylesheet
text/css 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/css/style.min.css

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

24bbed54671f8706b6d7248bb2fdac582f054af3555db5cbdfe6fb014f9ba2d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: s4D4v9ZquMo/qcNOUGeP2A==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 31583
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:42 GMT
ETag: "0x8DAD3972A0DA80E"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
x-ms-request-id: 6d606c41-001e-0009-6781-057e74000000
Cache-Control: max-age=117
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap.min.css
emprestimosim.com.br/assets/vendor/bootstrap/css/ 19 KB
3 KB 297ms
110ms Stylesheet
text/css 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/vendor/bootstrap/css/bootstrap.min.css

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

223d43b797419fd715d2451cb10077fc553e514070db8b8fb5a1806d3f415c2f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: rsyam6sIDtyHHG/PmV7OEQ==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 2404
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:42 GMT
ETag: "0x8DAD39729E7FAED"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
x-ms-request-id: 4594e080-f01e-006f-1f81-053154000000
Cache-Control: max-age=264
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-color.svg
emprestimosim.com.br/assets/images/ 3 KB
3 KB 114ms
110ms Image
image/svg+xml 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo-color.svg

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

020d991f34b25255c5d3b70e6936745189ff0b2dbb2409382a50af9d1bdf5502

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: tE6DLN3mf94uEqDR+PtSHw==
Connection: keep-alive
Content-Length: 2644
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:47 GMT
ETag: "0x8DAD3972CF6ACAF"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
x-ms-request-id: 459562b5-f01e-006f-1e81-053154000000
Cache-Control: max-age=549
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-santander.svg
emprestimosim.com.br/assets/images/ 3 KB
4 KB 107ms
104ms Image
image/svg+xml 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo-santander.svg

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

906f1519144dec1b6088b2105b72640bc60972be0809c6675853a99dcc2a453f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: droYfFlJBeRJneXbnVO0bw==
Connection: keep-alive
Content-Length: 3239
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:44 GMT
ETag: "0x8DAD3972B4E5C54"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
x-ms-request-id: 45933b5a-f01e-006f-0e80-053154000000
Cache-Control: max-age=340
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK pilula.png
emprestimosim.com.br/assets/images/home/desktop/ 395 B
1 KB 107ms
103ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/desktop/pilula.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0a17f2383b1d0325e3f2821e832dd80e1de6082138e6065cf787854ea0fd24b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: 5wbPbDwiLnvpE5BTVr+6jQ==
Connection: keep-alive
Content-Length: 395
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:01 GMT
ETag: "0x8DAD397352E0368"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d616b67-001e-0009-3081-057e74000000
Cache-Control: max-age=151
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK money.png
emprestimosim.com.br/assets/images/home/cards/ 2 KB
3 KB 321ms
104ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/cards/money.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f78dbb20e933032952cfe7002006d65514b22004bcd6e1bef02f15d4b949be91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: fiUdGMbZN8KtA6a9VZFd8Q==
Connection: keep-alive
Content-Length: 1814
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:01 GMT
ETag: "0x8DAD3973566D4E1"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: a5be700e-901e-0046-0d81-050f20000000
Cache-Control: max-age=136
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK carr.png
emprestimosim.com.br/assets/images/home/cards/ 1 KB
2 KB 323ms
102ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/cards/carr.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f52a6582d8042b96bf6f47676986a1f5822e4dbbf6a9ebabc6b9d9ac75dd12dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: Rer9bEgzmPt2LMNS++ZWGw==
Connection: keep-alive
Content-Length: 1222
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:01 GMT
ETag: "0x8DAD3973556E144"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d600376-001e-0009-7b81-057e74000000
Cache-Control: max-age=87
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK fgts.png
emprestimosim.com.br/assets/images/home/cards/ 2 KB
3 KB 250ms
101ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/cards/fgts.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7ac192b8115fbcef3996d67b90ff770d8acadc71b3aff1e13c6d24976a7431da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: j9ES9NG27/3ayl5jIDIqWA==
Connection: keep-alive
Content-Length: 2020
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:01 GMT
ETag: "0x8DAD397354BA350"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: a5be6382-901e-0046-4481-050f20000000
Cache-Control: max-age=113
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK prestamista.png
emprestimosim.com.br/assets/images/home/cards/ 2 KB
3 KB 184ms
102ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/cards/prestamista.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c099f9ff2e2d9c66d6494e80170d466341c0a589f8013a9a272d5e674623340f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: dA3nyymUce0D+LsUSBUumQ==
Connection: keep-alive
Content-Length: 2305
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:01 GMT
ETag: "0x8DAD3973564DB48"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d60b6fc-001e-0009-1681-057e74000000
Cache-Control: max-age=325
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK image-graphic.png
emprestimosim.com.br/assets/images/ 6 KB
7 KB 103ms
102ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/image-graphic.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a91c86e5c32534f80979f376ff65f92e95c23f716e568ab52649c150fe599c59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: mcAZKx1IG2Vf6Qq3xq8wig==
Connection: keep-alive
Content-Length: 6053
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:45 GMT
ETag: "0x8DAD3972BA4A6C5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 45948f85-f01e-006f-1f81-053154000000
Cache-Control: max-age=433
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK fast-pink.png
emprestimosim.com.br/assets/images/ 319 B
1 KB 105ms
105ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/fast-pink.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a367016d4901839a2fe40793d076f5f37f1329538bfc31701beb63e0253aae3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: pyVMPHFJWLBrcyGohYZG3A==
Connection: keep-alive
Content-Length: 319
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:44 GMT
ETag: "0x8DAD3972B507CC8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d5efe25-001e-0009-3380-057e74000000
Cache-Control: max-age=179
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK thoughts-pink.png
emprestimosim.com.br/assets/images/ 687 B
1 KB 104ms
104ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/thoughts-pink.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5bec07035b8d8469d3375ec0326b9ac991688b3a0b057b084afd76c2108de386

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: K91hbVg7ZTf2+/Mxwjh28w==
Connection: keep-alive
Content-Length: 687
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:45 GMT
ETag: "0x8DAD3972BC55072"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d5fbc6a-001e-0009-5181-057e74000000
Cache-Control: max-age=346
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK safety-pink.png
emprestimosim.com.br/assets/images/ 536 B
1 KB 106ms
106ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/safety-pink.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b9282e9fdf9bd33668f3ed3d31c7d348d6054a20db89d3e2262bf6f017933c32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: qz+9jAJp00qDKHQPsL11Vg==
Connection: keep-alive
Content-Length: 536
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:44 GMT
ETag: "0x8DAD3972B31F38F"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d6030bb-001e-0009-1881-057e74000000
Cache-Control: max-age=378
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK exame-logo.png
emprestimosim.com.br/assets/images/logo/ 2 KB
3 KB 104ms
103ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo/exame-logo.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b7fe2019fa4dfc6f49c95484cb7a05501450530c897c26daee45487dfc29b5b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: q7DCiWaXqwoZcmelp3i9MA==
Connection: keep-alive
Content-Length: 1926
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:48 GMT
ETag: "0x8DAD3972D7759DD"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d60b0c8-001e-0009-5a81-057e74000000
Cache-Control: max-age=335
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-credito-digital.png
emprestimosim.com.br/assets/images/logo/ 3 KB
4 KB 105ms
104ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo/logo-credito-digital.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

76ed43e621b06fa7cde94105f662d4a39bcd4385ec8218082fa9cbdaf52d521e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: n0YIWUD8FyjumzfmIBPSKQ==
Connection: keep-alive
Content-Length: 3346
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:48 GMT
ETag: "0x8DAD3972D82E5AE"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d61451b-001e-0009-5381-057e74000000
Cache-Control: max-age=370
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-estadao.png
emprestimosim.com.br/assets/images/logo/ 4 KB
4 KB 103ms
103ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo/logo-estadao.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

01051be053fcedd16a6ab6e7acc66608d4fbfb681cce4bea94acdd437d394df1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: zOKW5YoX4QSeblrJt7KysQ==
Connection: keep-alive
Content-Length: 3618
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:48 GMT
ETag: "0x8DAD3972D70AAA0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 4597be90-f01e-006f-5381-053154000000
Cache-Control: max-age=327
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-veja.png
emprestimosim.com.br/assets/images/logo/ 2 KB
3 KB 103ms
103ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo/logo-veja.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

be005ce7104312aeda33300b76a1baded55fd069dc721cfb210629f5214b3b80

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: q31tF6NOmEOLJjF1jKeKyg==
Connection: keep-alive
Content-Length: 2280
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:48 GMT
ETag: "0x8DAD3972D5F3218"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 4593b5b5-f01e-006f-1f80-053154000000
Cache-Control: max-age=458
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK infomoney-logo.png
emprestimosim.com.br/assets/images/logo/ 2 KB
2 KB 105ms
105ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo/infomoney-logo.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1324fd77be8e7aff037ca9c9c92a7860070d3a2e87e331f4c71703db9704494b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: 2vgYOlkztiSolm6fzAoWEA==
Connection: keep-alive
Content-Length: 1593
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:48 GMT
ETag: "0x8DAD3972D86FFBB"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d60f3e7-001e-0009-2081-057e74000000
Cache-Control: max-age=61
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK fdr.png
emprestimosim.com.br/assets/images/logo/ 2 KB
3 KB 108ms
108ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo/fdr.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

86ca0956287bf33bf7c403d72fe2fade985d7af3ac007aa32fd93c2a175f666e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: s1NmShz75wo2V4DNuu6Dcw==
Connection: keep-alive
Content-Length: 2354
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:48 GMT
ETag: "0x8DAD3972D7CD1FB"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 6d60fc4f-001e-0009-7d81-057e74000000
Cache-Control: max-age=125
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK post-1.webp
emprestimosim.com.br/assets/images/ 28 KB
29 KB 110ms
110ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/post-1.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4fe246805c58db47f4fc6e4c52c84f6428bbff27f0f2b3bf53992841adea84e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: nzCOqTbFflm8ceAYhbLeAA==
Connection: keep-alive
Content-Length: 28522
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:46 GMT
ETag: "0x8DAD3972C77AB43"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: 6d61bd62-001e-0009-0d81-057e74000000
Cache-Control: max-age=106
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK post-2.webp
emprestimosim.com.br/assets/images/ 23 KB
24 KB 103ms
103ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/post-2.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

72ca11f74554c7586dfd8d54aee79f8a262f2d3baf47d600330bc1260da626d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: tiqjqjDpn7AM2PYTVnXa7Q==
Connection: keep-alive
Content-Length: 23626
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:44 GMT
ETag: "0x8DAD3972B48E435"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: 6d5ead74-001e-0009-6880-057e74000000
Cache-Control: max-age=546
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK post-3.webp
emprestimosim.com.br/assets/images/ 29 KB
30 KB 104ms
103ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/post-3.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

32850ce957f8bf73923468dfed25d6f1c06e5ac02b7ce47c26084b2e2f697531

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: loLPzWMtIpeCOroUS/n3SA==
Connection: keep-alive
Content-Length: 29880
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:44 GMT
ETag: "0x8DAD3972B3D0AB6"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: 6d6136ea-001e-0009-5681-057e74000000
Cache-Control: max-age=242
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-sim-rodape.png
emprestimosim.com.br/assets/images/ 803 B
2 KB 105ms
104ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo-sim-rodape.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

70d3488c2f6aa74fae0bead6cba1dd40a175b1de0c60ca33709a9cf692c5f1f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: X3uNRJV0HxSvzl1ffDYsMQ==
Connection: keep-alive
Content-Length: 803
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A85AC7D"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 45969106-f01e-006f-5d81-053154000000
Cache-Control: max-age=67
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-whats-app-footer.png
emprestimosim.com.br/assets/images/ 1 KB
2 KB 105ms
104ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/icon-whats-app-footer.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fe7efed9a4312e1ab71d3610d45a086e045ffa27aa7794581ffdaa22fe557a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: aNTtt50wHtD4thc+3KX6Qg==
Connection: keep-alive
Content-Length: 1088
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:46 GMT
ETag: "0x8DAD3972CB1B3DF"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 45944789-f01e-006f-6881-053154000000
Cache-Control: max-age=564
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-sac.png
emprestimosim.com.br/assets/images/ 734 B
1 KB 106ms
106ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/icon-sac.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4c1bf4b3e0d3235bfb1498486e6902c33f46638801c3e951eb7a41964da25175

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: Lm0AV7ZKSCj7WYA8FBBC0g==
Connection: keep-alive
Content-Length: 734
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:46 GMT
ETag: "0x8DAD3972C7B29BF"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 459608ba-f01e-006f-1581-053154000000
Cache-Control: max-age=101
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-ouvidoria.png
emprestimosim.com.br/assets/images/ 459 B
1 KB 103ms
103ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/icon-ouvidoria.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18db69f82e97b7e73d6408effc8ff565de7bed09a33e404843c285ceddb98169

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: bBBlaoWqCDGmny7ZLZn9fg==
Connection: keep-alive
Content-Length: 459
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:45 GMT
ETag: "0x8DAD3972BE0F6BF"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 45930313-f01e-006f-0180-053154000000
Cache-Control: max-age=229
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-group.png
emprestimosim.com.br/assets/images/ 3 KB
3 KB 103ms
103ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/logo-group.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d121dba61f66283c750f65d6d81811a4de81e934c2b88af484e20ea0b47d0ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: jg2phPyq9G3DMovh+tpfow==
Connection: keep-alive
Content-Length: 2562
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:44 GMT
ETag: "0x8DAD3972B35E6C7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 45944583-f01e-006f-2d81-053154000000
Cache-Control: max-age=244
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-site-seguro.png
emprestimosim.com.br/assets/images/ 1 KB
2 KB 110ms
110ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/icon-site-seguro.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b5040fe6d40543776d53964540a5ae4b627fedae92c6b33cd2eb37bbd17e00ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: JnVG4EC+rz+mUehOXAqvog==
Connection: keep-alive
Content-Length: 1270
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972ADA2434"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: a5be9bbb-901e-0046-7b81-050f20000000
Cache-Control: max-age=364
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 1212ms
1037ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1670934987.dop146.fr8.t,1670934987.cds161.fr8.hn,1670934987.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 61 KB
16 KB 210ms
44ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12688700
x-jsd-version: 4.6.2
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-iad-kiad7000060-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"f463-4yQGPI9GxrKUJ98VQvECatIw9gQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NK7iz0Wpb7f3hZtgpHvimT2YdNH7o3ggNf%2Fe0QbYgei9KrQmE2tjOwp6oIVt88WPfXVZWMuOCwr%2BpUJbPxxDqXNYXOpM0B3nms%2FzOO4KzTtGXKVa7gRVbTO07d3KQBOgJOOfxrvglPKwdibZdLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 778ebed87f60903d-FRA

GET
H2 200 swiper-bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/8.1.5/ 137 KB
34 KB 195ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.1.5/swiper-bundle.min.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733f585573cedfe24ab328e1c9ba6a650f04e81409837bdc5aaeaeef87283f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 497085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34088
last-modified: Mon, 16 May 2022 12:37:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62824573-8528"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2te2BDRqVueSG5u0wQKOElfwdAClFuLBtCsqDXPStueRjnHr2XU4xs5vEZCP1esJuP2%2FvPnqaGXPNSumGdMMk6kXonZrZ%2BP01SlNrofKdpGU6T4Ti%2FTKSiDF4fOhDedkXsQcTRVmDI4hsjkop8npGGi6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 778ebed89dfebba3-FRA
expires: Sun, 03 Dec 2023 12:36:27 GMT

GET
H/1.1 200
OK modernizr-custom.js Show response
emprestimosim.com.br/assets/vendor/modernizr/ 3 KB
2 KB 102ms
102ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/vendor/modernizr/modernizr-custom.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4c0fc46e9c98ea5580cc72895140b9df71a21956c6420cfbd21d30a8d99cb175

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: NTMERj1KWcaD9vSwFEwGKg==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 1523
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:42 GMT
ETag: "0x8DAD3972A004999"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: a5be5621-901e-0046-7981-050f20000000
Cache-Control: max-age=218
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H2 200 aos.js Show response
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/ 14 KB
4 KB 208ms
50ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 59255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4109
last-modified: Mon, 04 May 2020 16:05:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d5d-3962"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0Apw6ZndMDvkc2%2BUVujewCabl8emvugVhTRtUXPKXQlBd0FT9wxRMX2pyTSWm4HuRwC88fsUiaOIdcrTb1%2F9%2BynrnB%2BcZ09E155yMY7pPjfZWi%2FXykG5NiijFhwRGaA0TKr7rluYB%2BdfyCV%2B5XZyU3E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 778ebed8be4dbba3-FRA
expires: Sun, 03 Dec 2023 12:36:27 GMT

GET
H2 200 jquery.maskMoney.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-maskmoney/3.0.2/ 5 KB
2 KB 229ms
57ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-maskmoney/3.0.2/jquery.maskMoney.min.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53460b547a39f81deaf55102e0126a4678032111428eb840219a282dda9539cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14965481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1828
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-13c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6dY80mYlpyuOqgpFEDcoWKVsX21Xrk7wSV2RecKxExmEZt92Q0S97u9xUbIGyYzH8gT7is8rqHbFHnKeJdjtVBjOW6cdadoi4R21EMGf6BvIBVNdaJdYAnUr3K3ixMkNssJpy2uNiW%2F7tuFoTTxrbsP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 778ebed8be49bba3-FRA
expires: Sun, 03 Dec 2023 12:36:27 GMT

GET
H/1.1 200
OK simulate.min.js Show response
emprestimosim.com.br/assets/js/ 4 KB
2 KB 102ms
102ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/simulate.min.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce00d5580940143695f7017110c37db7ec77599e061663cfa165a9f03cf0be67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: 84/Q0igOXxqDocFO+Z0AXg==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 1491
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A57F213"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: 459492f8-f01e-006f-4181-053154000000
Cache-Control: max-age=372
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK web-tracker.min.js Show response
emprestimosim.com.br/assets/js/ 505 B
1 KB 101ms
101ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/web-tracker.min.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c4d7bc627b01893985378a176a93ed353b71fd29ee2e808c18717d314a22d624

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: FqR3zJ2n3SRBOE24fj2mVg==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 307
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 17 Nov 2022 12:02:17 GMT
ETag: "0x8DAC89392FC95FB"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: 3f6a99e5-601e-0030-7c7d-fa8568000000
Cache-Control: max-age=65
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK main.min.js Show response
emprestimosim.com.br/assets/js/ 2 KB
1 KB 102ms
102ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/main.min.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9001f43803914fb0df54bfc90f6ce0def0d255eb925c6a6b0039e94313faf352

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: nXym3Ez0wQNuTN11BaBGuw==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 630
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:42 GMT
ETag: "0x8DAD3972A37E3EC"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: a5be6b11-901e-0046-1381-050f20000000
Cache-Control: max-age=133
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK app.js Show response
emprestimosim.com.br/assets/js/ 295 B
984 B 110ms
110ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/app.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

67925e0981eb9ab751c2a24fa45963bd849755f71a59649cf0085d1e88e85a8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: flKJusGqJc4epeYMv2Pd7g==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 155
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A55F87A"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: 459669ed-f01e-006f-6c81-053154000000
Cache-Control: max-age=263
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
94 KB 206ms
48ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53dff34932317bec198151ded94e5149834b6b757b038338ffc54b02f5132068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95870
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 12:36:27 GMT

GET
H/1.1 200
OK icon-arrow-header.svg
emprestimosim.com.br/assets/images/ 535 B
1 KB 207ms
112ms Image
image/svg+xml 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/icon-arrow-header.svg

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5570b3ba28f76bbcb5367d8c385aa564f4baaa04969eb2ea2dc7542132a27953

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: hnL6QCfL1NQbmbxXZsxsWQ==
Connection: keep-alive
Content-Length: 535
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:44 GMT
ETag: "0x8DAD3972B398C25"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
x-ms-request-id: 45957425-f01e-006f-5c81-053154000000
Cache-Control: max-age=499
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK banner-taxa-home@2x.webp
emprestimosim.com.br/assets/images/home/desktop/ 157 KB
158 KB 226ms
131ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/desktop/banner-taxa-home@2x.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a27f1bcaa84d6877b3428acc9c8de4f053ad81448cc6bbecd5ec180a3e2095a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: SpHWOXlbARUG8PmZQMi3iw==
Connection: keep-alive
Content-Length: 160574
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:00 GMT
ETag: "0x8DAD39734C68E36"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: 482d963b-a01e-0062-6084-05f980000000
Cache-Control: max-age=591
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK banner-fgts@2x.webp
emprestimosim.com.br/assets/images/home/desktop/ 171 KB
171 KB 107ms
107ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/desktop/banner-fgts@2x.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

811f04f4d99edcc0ba3e9c61ba72220e299bcb117e8e8029950908a44d6d5bab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: wsszS8W71oIBK/jTDkoehw==
Connection: keep-alive
Content-Length: 174650
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:00 GMT
ETag: "0x8DAD397349A0B07"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: 6d5ffd95-001e-0009-6b81-057e74000000
Cache-Control: max-age=326
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK banner-debito-home@2x.webp
emprestimosim.com.br/assets/images/home/desktop/ 142 KB
143 KB 240ms
240ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/home/desktop/banner-debito-home@2x.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1e3f3348061152da9d210c6fcae26f029597a30ced0672d6c1298e904f8aba9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: /id3Rmups3oi2YL19pJBRg==
Connection: keep-alive
Content-Length: 145284
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:26:00 GMT
ETag: "0x8DAD3973490C695"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: a5bfc0ac-901e-0046-0782-050f20000000
Cache-Control: max-age=288
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H2 200 l
use.typekit.net/af/f06b5c/00000000000000003b9b18c0/27/ 33 KB
33 KB 172ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f06b5c/00000000000000003b9b18c0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3c3c5d5715fee6057604b4028256d879205976653574579498a4ee89be8e1361

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
server: nginx
etag: "ed725acb4799b048c49274fadcbcb327f41e37b7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33420

GET
H2 200 l
use.typekit.net/af/f341ab/00000000000000003b9b17f3/27/ 23 KB
24 KB 177ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f341ab/00000000000000003b9b17f3/27/l?subset_id=2&fvd=n8&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f76c3b40a881b6cb3e4289444573df84b893a6588fe980a5759681e8c237b764

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
server: nginx
etag: "a06540497c87f3b94982941a117a162f547d197a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23940

GET
H2 200 l
use.typekit.net/af/973e2e/00000000000000003b9b18c4/27/ 32 KB
33 KB 168ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/973e2e/00000000000000003b9b18c4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 860b60f32ca476d40d12845b051dec5475ced8121cd5cef783f722454b42c989

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
server: nginx
etag: "60ccfc8d6f6497331ad99cf12b375f274289706e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33160

GET
H/1.1 200
OK button-scroll.png
emprestimosim.com.br/assets/images/ 490 B
1 KB 262ms
108ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/button-scroll.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

67633d2dcfbe1616260f020b61f5127932f02b3b5213c0724c853f4f9cd06530

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: fszwj0OBnzH97w1WLS+TSQ==
Connection: keep-alive
Content-Length: 490
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A8FDA2A"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 4595ff62-f01e-006f-7081-053154000000
Cache-Control: max-age=355
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK play-icon.png
emprestimosim.com.br/assets/images/ 1 KB
2 KB 104ms
103ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/play-icon.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3330c8a22c1f813b5b0e27fb8f66d3b712635344b270f3ef84690f7066ffdcdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: IT9KJFflxLyWEAat4O+CDQ==
Connection: keep-alive
Content-Length: 1160
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:47 GMT
ETag: "0x8DAD3972CEE7885"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 45945d78-f01e-006f-3581-053154000000
Cache-Control: max-age=120
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK expand-arrow-top.png
emprestimosim.com.br/assets/images/ 203 B
972 B 230ms
104ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/expand-arrow-top.png

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

538b813052e0b3d5e81444ad3de25fd80ea756ed216eed76d1bb3f9e2d6d6a1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: YMlIRFv1FJ3lUX/5DIe4bQ==
Connection: keep-alive
Content-Length: 203
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:45 GMT
ETag: "0x8DAD3972C051EF1"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-ms-request-id: 4594a9b9-f01e-006f-6f81-053154000000
Cache-Control: max-age=180
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H2 200 l
use.typekit.net/af/dc9a99/00000000000000003b9b18c5/27/ 24 KB
24 KB 128ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dc9a99/00000000000000003b9b18c5/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 27dba2b70cdfbd8515b54e106a35a9a4786a5f7cddde8c6959a023f7a0b4c1fc

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
server: nginx
etag: "205184036cd705ba5a477b93df73ff52f067bb66"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24544

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

712d764046bbcaae7b93ad4bc8adaf8536a1d0ecec35d046abe05d9d5738af2e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Dec 2022 12:36:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27316
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bObbgS+XbGD4slm2rtzzAIIfGGtc+Vdmqwa0d5eLdcM7kjMWuVFUstIFYg0W0/oXwE9TrJM9C3rblHe2Zn15iA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Dec 2022 11:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4307
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 13 Dec 2022 13:24:40 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1297567/ 58 KB
18 KB 257ms
219ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1297567/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbd565a193580818e6deb0ba4878815e923894bc2cc0e001c54c62b756fc3546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: 6WtQveFHztAnOK4yemt4148Kaan1IPVz
content-encoding: gzip
via: 1.1 varnish
date: Tue, 13 Dec 2022 12:36:27 GMT
x-amz-request-id: QD0C2S94QGZ12T4N
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18123
x-amz-id-2: 0xH+TLxFSkbc7YsWhWiMB3xKJ5eb/TEp4srwKoW2zd7gZgAAbNnrwxgyWGYa4J5VT1TAmApePYM=
x-served-by: cache-hhn-etou8220039-HHN
last-modified: Sun, 11 Dec 2022 11:43:08 GMT
server: AmazonS3
x-timer: S1670934988.770612,VS0,VE207
etag: "0deb176a252cad7a7d8d6f883829e63e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H3

200

activityi;dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.... Show response
9568187.fls.doubleclick.net/ Frame 1BFC
Redirect Chain

https://9568187.fls.doubleclick.net/activityi;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.co...
https://9568187.fls.doubleclick.net/activityi;dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~o...

507 B
293 B

68ms
49ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9568187.fls.doubleclick.net/activityi;dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

9711ddfdd2e8405d2fea76cd29390ccf53df04e7a37298e23adfa91f2c78bd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://emprestimosim.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 12:36:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 12:36:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9568187.fls.doubleclick.net/activityi;dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
smct.co/tm/ 9 KB
4 KB 270ms
168ms Script
application/javascript 52.215.57.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smct.co/tm/?t=emprestimosim.com.br
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.57.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-57-152.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d95b9c7865b16f294cec92b3bb2a699f855735681947db80069610d0564e628c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: cache
Date: Tue, 13 Dec 2022 12:36:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=900
Connection: keep-alive
Content-Length: 3469
Expires: Tue, 13 Dec 2022 12:51:27 GMT

GET
H2 200 enjli1ng5c Show response
www.clarity.ms/tag/ 2 KB
2 KB 173ms
98ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/enjli1ng5c?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 30b8145cedecf855dee3ee3327fbe526290db03fdfeaaaa4d1bdc72e067a8cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 13 Dec 2022 12:36:27 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0y3GYYwAAAABRvJLWJb7eQZB9w0Y10F3sRlJBMzFFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 74ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 13 Dec 2022 12:36:27 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9D10A1FC36A74D62A514405D41F81B45 Ref B: FRA31EDGE0520 Ref C: 2022-12-13T12:36:27Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 78ms
36ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
server: nginx
etag: W/"636a704a-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 12:36:27 GMT

GET
H2 200 all.min.js Show response
plugins.soclminer.com.br/v3/sdk/ 235 KB
76 KB 144ms
95ms Script
application/javascript 2606:4700:20::ac43:494b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2e14e5d2ca26aaebea9e73ed042387237130ff0b86c2f02a360ddceb901f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 15:45:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 4BJ7XWHZCTS6NK0Y
age: 31627
etag: W/"509b49fef73376de8c8bf51becc2dc10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYFUZ60xPzhs5s2j0R0EYHEETCo3dXM1JpNQgcbUe9y6Az76wG2CxCiDxFFwh0ixCFUZw%2FIwl8w2ato5qCkH5CXQ4S%2FsUVUkmd0rz1iXXGYjVvGoH0spbc4bnQXhOGURA76oTmkIPdPcgn9kSBuAOOBkoUjbAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 778ebeda6db89b70-FRA
x-amz-id-2: 7kIyvU9XZZ6hvnENjZRnRuSlmHZnVrjx6Cenj6eWOQMCvO/xME5S6dzGakeQ3wFfl5pfKZIEBDQ=

GET
H2 200 mastertag.php Show response
secure.afilio.com.br/ 24 B
497 B 498ms
95ms Script
text/javascript 44.207.128.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.afilio.com.br/mastertag.php?progid=3236&type=homepage&id_partner=emprestimossim&url_product=%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.128.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-128-163.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) / PHP/5.6.40-10+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 1b5adad44292630e0d6c054fd31c83d7eb9867d18efc1c91890b41c82c5fd4f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
server: Apache/2.4.18 (Ubuntu)
x-powered-by: PHP/5.6.40-10+ubuntu16.04.1+deb.sury.org+1
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK dataroyal_tag.js Show response
advcake.dataroyal.com.br/scripts/ 13 KB
14 KB 1257ms
653ms Script
application/javascript 177.54.158.78
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 177.54.158.78 , Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS: game.strongerhosting.com.br
Software: nginx /
Resource Hash: 4b6f82250c1c112b470293e7f7a2f4b8211ab930bfeaf34f41395d5f0ec5176c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Last-Modified: Tuesday, 13-Dec-2022 12:36:28 GMT
Server: nginx
Content-Type: application/javascript, application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 13737
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 20 KB
7 KB 168ms
98ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-14643-9/CT-1829
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6bb7382e03f8ab0dc4a5caf5063c2386d8dbd4269fc75ec1f45dc6295f6fb34c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: gzip
via: 1.1 google
age: 0
x-guploader-uploadid: ADPycdsGNi3zVvedfGUTWHP0daV6uNGYe3Te9BXNCzI91OIL5_wQOkQPP7Hk6g2uGpHm6FJbJhRci0ovquflskyhSm1dKg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6984
last-modified: Fri, 12 Nov 2021 20:44:40 GMT
server: nginx/1.8.1
etag: "1d37e2546d298daf4e6c2325d1735e09"
vary: Accept-Encoding
x-goog-generation: 1636749880208591
x-goog-hash: md5=HTfiVG0pja9ObCMl0XNeCQ==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 6984
accept-ranges: bytes
expires: Tue, 13 Dec 2022 14:36:28 GMT

GET
H2 200 emprestimosim.js Show response
rtg.admasters.media/resources/content/ 2 KB
1 KB 177ms
136ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rtg.admasters.media/resources/content/emprestimosim.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b96ca4e564e5b62f118eba03fa06368eaac3de585b896d7cc1c720bd56022b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 75b79249-2b8d-4b6e-9b9b-96ab2a0dc8a3
x-runtime: 0.002236
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"96b96ca4e564e5b62f118eba03fa0636"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N82Z9u8QOB25lnTTHHCeJaDNSOcpWcMXrs7eUSareqq7mIvf3k95ZU2IK8wIQ3F2T0NC17mtEUOQ59bITnPqg3204EPpDjR%2BKJ5A7e5lsmXc8PU5IcYMGoDLQsZ1JTZ18rTzvglU8C2%2BEnzhpeUefBF3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, private
cf-ray: 778ebedb5d4d6958-FRA

GET
H2 200 k_simsantander.js Show response
scripts.prdredir.com/scripts/ 89 KB
33 KB 170ms
136ms Script
text/javascript 2606:4700:3037::ac43:83bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_simsantander.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:83bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c139dce7a5a53e47320a329f7f6a601c8a5ce2cc928043e25fcea7c02012dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 38b4608e-6bf2-43c0-b83f-61fa93421130
x-runtime: 0.005992
server: cloudflare
etag: W/"2c139dce7a5a53e47320a329f7f6a601"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l4vI6V66oDkOZnI%2BGkvMLXxwjtBkzx7OqzhEq%2BCilQtjLZOgPPE%2FcS%2FCaxBH9X0eRuBtC0nr%2FHYdfCIfPzCf9aA7dZfhhM6u4Z2G5zngIbeAq1dg3DWZW8ul%2FndmxsK9RUhfP654xs%2Fs4a8Wv9dVwhG5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, public
cf-ray: 778ebedc3a689bd0-FRA
expires: 2022-11-13 12:36:28 UTC

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
632 B 656ms
92ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10154718&gtmcb=437585950

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Dec 2022 12:36:28 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Dec 2022 12:36:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: g4UbihfACfzPIpbmJNeWyUp99LSmnyLGPaok78Kseyb7XNRJ9xx7C39Uwvq0LZZvMYOTp8ip1erTetjTsAVKiQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 410615119637636 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 337ms
337ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410615119637636?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11781d4a79b15cefd494f991271b75af68587a9f500bfdc4d6ce6e4b3f312d93

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Dec 2022 12:36:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bZnQ0Xym4evL0Vnk7FGaEQIIvD4mWtIS2FyEPZ9fc5aoJZlDXdkcudenBG+be5kyUBKzoFUtsEv+mGE12V6Zbw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 35ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=405955031&t=pageview&_s=1&dl=https%3A%2F%2Femprestimosim.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1636068464&gjid=1014012555&cid=943864603.1670934988&tid=UA-145849331-2&_gid=1269956902.1670934988&_r=1&gtm=2wgbu0TF55M3S&cd3=GTM-TF55M3S%3A195&cd6=lista_vazia&cd10=generico&z=1974253546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://emprestimosim.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://emprestimosim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-145849331-2&cid=943864603.1670934988&jid=1636068464&gjid=1014012555&_gid=1269956902.1670934988&_u=YEBAAEAAAAAAACAAI~&z=1955700306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://emprestimosim.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Dec 2022 12:36:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://emprestimosim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17215600.js Show response
bat.bing.com/p/action/ 3 KB
2 KB 110ms
110ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17215600.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce4e69b18cf74d5fc83acb7707b2c16b8156391f9b2f29d232cb88b501288e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 13 Dec 2022 12:36:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AA3EA28A2E504663B264B5F87FD65885 Ref B: FRA31EDGE0520 Ref C: 2022-12-13T12:36:27Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 1446

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6E51 15 KB
6 KB 66ms
21ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=emprestimosim.com.br&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://emprestimosim.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 12:36:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 836349
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 297ms
22ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-145849331-2&cid=943864603.1670934988&jid=1636068464&_u=YEBAAEAAAAAAACAAI~&z=812340209

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-145849331-2&cid=943864603.1670934988&jid=1636068464&_u=YEBAAEAAAAAAACAAI~&z=812340209

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.7.0/ 55 KB
19 KB 16ms
16ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.7.0/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/enjli1ng5c?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ba43671fe8efa561dc6d7c35d5dc8f95d9ec360c0d1d6c6f085a70dbef723b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:27 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0JZqXYwAAAADytQwMzG35Qq8AwN38WpNIRlJBMjMxMDUwNDE3MDExADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d90e4b8624997b"
x-azure-ref: 0y3GYYwAAAAA4o/U8sBuXQJJ6jD7vnyh4RlJBMzFFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6E51
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=emprestimosim.com.br&sn=ChromeSyncframe&so=0&topUrl=emprestimosim.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=beK4P3xtbkgrQkR6N3VWb2hycG13VWV2ZFc1djlxTEI4SEFWeFlmK3haanoycW5IcnpsdlJUejZ4ZHBpUFUrb3UxSWpsN2crRjMzTEJ2NG81VXRJWnVVL1AxdzVEek50T0x1aGlRdGZTSU00OHZhZnRNVU5Nc1grQ3oya0...

441 B
670 B

66ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=beK4P3xtbkgrQkR6N3VWb2hycG13VWV2ZFc1djlxTEI4SEFWeFlmK3haanoycW5IcnpsdlJUejZ4ZHBpUFUrb3UxSWpsN2crRjMzTEJ2NG81VXRJWnVVL1AxdzVEek50T0x1aGlRdGZTSU00OHZhZnRNVU5Nc1grQ3oya0Q5OXZocTlDeEY4VDlyL1BRY0JMYldoNDhBRVN4VjN2b2NCbGhuYnNkU21MWE90SFdsVWEvb1JBREs3UGhiOVJiRnNhY01Zd0Faa1ByajdCUVpnb3NBRkY5S2FyYzF6WEYwT0J1ZGtzT2RhSXI2Wk9Fc3lReng3WERCeVc5Y0lnNGFzaWx2OTVOSTNGK05YQnRic2lvdTJKMk82RlU3OVZYVlpiNHRVYTlJa3dtWGo2OGF6TT18&cppv=2

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc43f9a3e3eee1a86fc2d47139dbe26fa43cb5f09681e4496acd5808676f80a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2287292
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=beK4P3xtbkgrQkR6N3VWb2hycG13VWV2ZFc1djlxTEI4SEFWeFlmK3haanoycW5IcnpsdlJUejZ4ZHBpUFUrb3UxSWpsN2crRjMzTEJ2NG81VXRJWnVVL1AxdzVEek50T0x1aGlRdGZTSU00OHZhZnRNVU5Nc1grQ3oya0Q5OXZocTlDeEY4VDlyL1BRY0JMYldoNDhBRVN4VjN2b2NCbGhuYnNkU21MWE90SFdsVWEvb1JBREs3UGhiOVJiRnNhY01Zd0Faa1ByajdCUVpnb3NBRkY5S2FyYzF6WEYwT0J1ZGtzT2RhSXI2Wk9Fc3lReng3WERCeVc5Y0lnNGFzaWx2OTVOSTNGK05YQnRic2lvdTJKMk82RlU3OVZYVlpiNHRVYTlJa3dtWGo2OGF6TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 660787
content-length: 0
expires: 0

GET
H2 200 dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F Show response
adservice.google.com/ddm/fls/i/ Frame 7171 506 B
737 B 81ms
43ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F

Requested by

Host: 9568187.fls.doubleclick.net
URL: https://9568187.fls.doubleclick.net/activityi;dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be1a2930c8532a8e3b43b5a444810e9b2138bc06968ef2c022e738b75a8fa062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9568187.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 12:36:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 17215600 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 99ms
99ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/17215600
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17215600.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 82c2b4a4fe4256e2bb0463b4f47f222161b0fb48ef8b035de1474dd1c09d70ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 13 Dec 2022 12:36:27 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0y3GYYwAAAACbNbJWadCQRqxbY/z88SqSRlJBMzFFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 json Show response
trc.taboola.com/1297567/trc/3/ 2 KB
2 KB 30ms
23ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1297567/trc/3/json?tim=1670934987998&data=%7B%22id%22%3A694%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670934987990%2C%22cv%22%3A%2220221211-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Femprestimosim.com.br%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Demprestimosim-br-video%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670934987997%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Femprestimosim.com.br%2F%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A25%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1297567/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 154df4d58a18edec050ea45bbd511d77e998225611942cee6d0cf50bb3ab528f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms: 15
date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220039-HHN
server: nginx
x-timer: S1670934988.251789,VS0,VE15
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F Show response
adservice.google.de/ddm/fls/i/ Frame 36DF 194 B
776 B 97ms
45ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COTdkvPN9vsCFZnNsgodG5YM8w;src=9568187;type=sim;cat=simem0;ord=8048693255804;gtm=2wgbu0;auiddc=56201159.1670934988;u1=emprestimosim.com.br%2F;~oref=https%3A%2F%2Femprestimosim.com.br%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 12:36:28 GMT
expires: Tue, 13 Dec 2022 12:36:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 csp.js Show response
js.smct.io/csp/ 0
475 B 58ms
21ms XHR
text/html 2606:4700:10::ac43:47d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/csp/csp.js
Requested by: Host: smct.co
URL: https://smct.co/tm/?t=emprestimosim.com.br
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:47d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
x-amz-version-id: null
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P5
age: 404621
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Oct 2019 09:31:23 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 778ebedb98a5927d-FRA
x-amz-cf-id: 6LAPS-YPb_ipgKF-5iUXw0cYfA94KRo5cSncKaPxMz_6LXCtIOsArA==
expires: Thu, 12 Jan 2023 12:36:28 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
168 B 299ms
98ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.7.0/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://emprestimosim.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
date: Tue, 13 Dec 2022 12:36:28 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=67801&v=5.12.3&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%...
https://widget.us.criteo.com/event?a=67801&v=5.12.3&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%...

14 KB
4 KB

307ms
118ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=67801&v=5.12.3&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%255B68248%252C67801%255D&adce=1&bundle=-Sr7hF9melR0aGpQaFdFaTM2ODZ1MGM1ZUlpd1NEajJEZUtOZnBtZ1ZFOGhSdGE2SngxUXhZOXUwNU5CTzZRVXZWam9PeFpLVTZQTEpTRkNsQ0E1bjVBdkgwZFJ3Ykc0cFZvWXRZYURQaHVxUTRxMlZIM1hJdmVRZ2NieHVybGpsNU52OWRvNW5YVXJIOExqJTJGeXFvdXJESWlrYTZ3WTZrWjdaRFhHa2M1TjA1OWJlWSUzRA&tld=emprestimosim.com.br&fu=https%253A%252F%252Femprestimosim.com.br%252F&dtycbr=60044

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7c1127ab09532b04b8088a9801ba881e917c74c4b3ebfbf8d77fc5fefec73e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 18702809
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=67801&v=5.12.3&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%255B68248%252C67801%255D&adce=1&bundle=-Sr7hF9melR0aGpQaFdFaTM2ODZ1MGM1ZUlpd1NEajJEZUtOZnBtZ1ZFOGhSdGE2SngxUXhZOXUwNU5CTzZRVXZWam9PeFpLVTZQTEpTRkNsQ0E1bjVBdkgwZFJ3Ykc0cFZvWXRZYURQaHVxUTRxMlZIM1hJdmVRZ2NieHVybGpsNU52OWRvNW5YVXJIOExqJTJGeXFvdXJESWlrYTZ3WTZrWjdaRFhHa2M1TjA1OWJlWSUzRA&tld=emprestimosim.com.br&fu=https%253A%252F%252Femprestimosim.com.br%252F&dtycbr=60044
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7522480
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 tag-v5.86.js Show response
js.smct.io/t/ 63 KB
22 KB 63ms
41ms Script
application/javascript 2606:4700:10::ac43:47d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/t/tag-v5.86.js
Requested by: Host: smct.co
URL: https://smct.co/tm/?t=emprestimosim.com.br
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:47d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 601a386e28bbb4213c034af26ca40aafd221948f47b65d45c4d6199135074df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: Cuest_MwFwMCFduGRtqI9GKaPZMUAg0H
cf-cache-status: HIT
age: 2322846
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=65185
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Apr 2022 11:21:41 GMT
server: cloudflare
etag: W/"9b9f984b1fdb5a4e663daf633347ceb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 778ebedbdcb49262-FRA
x-amz-cf-id: amnhQAnhWMqbOYwaNB4_qPVJWo8eCzm8WIb2UGr_xaSPsQDDARxGcw==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 44ms
15ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410615119637636&ev=PageView&dl=https%3A%2F%2Femprestimosim.com.br%2F&rl=&if=false&ts=1670934988137&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.2.1670934988136.1916111849&it=1670934987766&coo=false&tm=1&rqm=GET

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 12:36:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 24ms
15ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410615119637636&ev=Virtual%20Page%20View&dl=https%3A%2F%2Femprestimosim.com.br%2F&rl=&if=false&ts=1670934988138&cd[page]=%2F&cd[domain]=emprestimosim.com.br&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=28&fbp=fb.2.1670934988136.1916111849&it=1670934987766&coo=false&tm=2&exp=a1&rqm=GET

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 12:36:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect Show response
k.clarity.ms/ 0
25 B 266ms
193ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.7.0/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://emprestimosim.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
date: Tue, 13 Dec 2022 12:36:28 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 lse1.3.html Show response
ls.smct.co/ Frame 2A5D 2 KB
836 B 48ms
7ms Document
text/html 13.32.27.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.smct.co/lse1.3.html
Requested by: Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-69.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 017217e952a763a6a3ac2688bb3c1c17db0a42721148434b9060158bd08716d6

Request headers

Referer: https://emprestimosim.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29494
content-encoding: gzip
content-type: text/html
date: Tue, 13 Dec 2022 04:24:55 GMT
etag: W/"209c7964d2f1416735fde2c6d1a50b77"
last-modified: Thu, 13 Aug 2020 15:19:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-id: xcWbH0JWWkbZzYjUOLgQq9I9r6HqezkYvdfFkcvnsdAYMyBZb5Xp8A==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H3 200 events-1.6.0.min.js Show response
js.smct.io/e/ 28 KB
10 KB 52ms
51ms Script
application/javascript 2606:4700:10::ac43:47d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/e/events-1.6.0.min.js
Requested by: Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.86.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:47d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
x-amz-version-id: 86Alo3RvPHIXLLAe0m5WQhsYLYOyKnIX
via: 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: TXL50-P4
age: 635814
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 22 Mar 2021 13:16:37 GMT
server: cloudflare
etag: W/"a1075fa3d276bd62722dbc87d77a8e62"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 778ebedc9dc79262-FRA
x-amz-cf-id: QQv4107MCoZMtjATY8yQSB6jouanlF_KcuyCMYzKVMs0ObEKwNfmSw==

GET
H3 200 emprestimosim.gif Show response
rtg.admasters.media/hit/ 73 KB
26 KB 163ms
147ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rtg.admasters.media/hit/emprestimosim.gif?ref=&lp=https%3A%2F%2Femprestimosim.com.br%2F&d=1670934988255

Requested by

Host: rtg.admasters.media
URL: https://rtg.admasters.media/resources/content/emprestimosim.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd268501305ccbbf83c90fb6305d8f6ff21e8b010158c80229e155d214836625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3b6f2832-f898-499f-b89f-86434166e2e8
x-runtime: 0.012025
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fd268501305ccbbf83c90fb6305d8f6f"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIG0nUDJjoQi0Hod%2BEoLE9bGu6d9uveckplLZduw07FUhLv7BHMcyP6L6tMRCJ2mykxwQX18J39hmxlShedIF384o4fbT2uvYcTr1B6IQW%2FNivvgPdMR8J%2FFIp8OvtGuZ%2FO5StlfrINwO3vcq%2FKDXelr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 778ebedcbb096d7d-MUC

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 8ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1297567/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 13 Dec 2022 12:36:28 GMT
x-amz-request-id: XZ48AY8MC3YY614W
age: 1859
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: ZXMXCLJsczBoyw0v63m27AWkI94Y95ukWIGwlplqNEpaniQj72rR0y3rlTEcSHyevflymKnOHpA=
x-served-by: cache-hhn-etou8220039-HHN
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1670934988.277130,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 46
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 12695

GET
H2 200 / Show response
pips.taboola.com/ 64 B
248 B 24ms
7ms XHR
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: f9eb6603ccb26ac659a34bed8265fdfda55fc07638e9ad17f0cbffa4e3a56144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220025-HHN
date: Tue, 13 Dec 2022 12:36:28 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://emprestimosim.com.br
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 lse1.1.html Show response
d2d7do8qaecbru.cloudfront.net/live/ Frame 8BD9 2 KB
812 B 74ms
44ms Document
text/html 18.66.112.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Requested by: Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d913a3ce24c14263a5e1ce227c5d62d30eb4a5ba50b5ccf9a9c0bb555c9ffd0f

Request headers

Referer: https://emprestimosim.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 13 Dec 2022 12:36:29 GMT
etag: W/"1de5ff62ceb05bb85f2813d8103b063a"
last-modified: Wed, 06 Nov 2019 12:06:42 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-id: VF2OSP82RKBcvyXN5I5i1qcIW6VQY5RfcWNSO3d44YDHHn9ZfHcEWQ==
x-amz-cf-pop: FRA56-P5
x-amz-version-id: 3RRTSIWom4dpK6VxcP0BNx5_6oQ0Pvyu
x-cache: RefreshHit from cloudfront

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 295ms
84ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=cb15e720-ec64-4647-aa41-e513ab1561e7-tucta91f74c&uad=ea172aa55b4891615596fc33d5e9f47eba502c11dd4d99980f1a6a6d09aaef5d&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 12:36:28 GMT
cache-control: no-store
server: nginx

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=405955031&t=event&ni=1&_s=2&dl=https%3A%2F%2Femprestimosim.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1rntmqy&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=943864603.1670934988&tid=UA-145849331-2&_gid=1269956902.1670934988&gtm=2wgbu0TF55M3S&cd3=GTM-TF55M3S%3A195&cd6=lista_vazia&cd10=generico&cd17=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fenjli1ng5c%2Fxn6b7t%2F1rntmqy&z=145588637

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35637
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 63 B
317 B 37ms
37ms XHR
application/x-amz-json-1.1 2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ea610213dd6a48c90051eaca7494a5c022373265339da7049c4a7d8149bfc137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://emprestimosim.com.br/
X-AMZ-TARGET: AWSCognitoIdentityService.GetId
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 12:36:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: 277931ef-ff9c-46d2-b458-f182aaf16e71
content-length: 63
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 123ms
30ms Preflight 2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://emprestimosim.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Tue, 13 Dec 2022 12:36:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: f522e8f6-2811-4219-937d-a00658bbfbce

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 49ms
49ms XHR
application/x-amz-json-1.1 2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9a1c4dafff3710b5ad239d1a0159c5c8eee97c9c82689f49e008bf9a4f58f9c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://emprestimosim.com.br/
X-AMZ-TARGET: AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 12:36:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: b9aa3dd1-1c93-4ebe-b3b1-76f82b33832e
content-length: 1788
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 30ms
30ms Preflight 2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://emprestimosim.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Tue, 13 Dec 2022 12:36:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 2728d1db-a95e-470e-a6c0-969e5186a102

GET
H/1.1 200
OK menu.js Show response
emprestimosim.com.br/assets/js/modules/ 2 KB
1 KB 112ms
111ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/modules/menu.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

69951e457a34a143d2c9dc0cfbe6897d55584c73f321ff3ab9d8f2ad390341d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: Ozv07dfbhabp6DhIVUHB0g==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 657
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A6639E4"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: 45945387-f01e-006f-6281-053154000000
Cache-Control: max-age=98
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK buttons-app.js Show response
emprestimosim.com.br/assets/js/modules/ 1 KB
1 KB 114ms
113ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/modules/buttons-app.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5df9635947ba9213f751fe1259ad41101c88e867a5911aad803515b81ed2ff2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: exKA3QmkgxwSe0RyBd8tUA==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 393
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A680C94"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: 6d5ff2de-001e-0009-0581-057e74000000
Cache-Control: max-age=425
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK carousel.js Show response
emprestimosim.com.br/assets/js/modules/ 26 KB
3 KB 116ms
115ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/modules/carousel.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4317e231a7157037a52d4e3a41145929f0321421001ccf5a1258158421a714db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: DAxISnceMSIwrvi9KBb2Og==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 1844
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A6E203B"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: 6d5f6f0d-001e-0009-1280-057e74000000
Cache-Control: max-age=231
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK back-to-top.js Show response
emprestimosim.com.br/assets/js/modules/ 208 B
986 B 109ms
108ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/modules/back-to-top.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

262544d8f2c6c0b749c689b2bb55324ce29dc8110be4e432472502ec3092ed66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: +icqBLDDTsM6T4DThWu/mQ==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 157
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A7177DF"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: 6d60314e-001e-0009-2181-057e74000000
Cache-Control: max-age=562
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK campaign.js Show response
emprestimosim.com.br/assets/js/modules/ 219 B
996 B 115ms
114ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimosim.com.br/assets/js/modules/campaign.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fd6aa6976533618f4f0b4d0bdca57d1b3b4f480574dd21f70db079ee4a55c4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-MD5: XPN1VqUWWYLQgD55gjsR/Q==
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Content-Length: 167
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:43 GMT
ETag: "0x8DAD3972A6A0627"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-ms-request-id: 6d5fb56a-001e-0009-5481-057e74000000
Cache-Control: max-age=198
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 23ms
18ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 20:12:13 GMT
content-encoding: gzip
age: 59055
x-guploader-uploadid: ADPycdudWc5Ts2L6J44N5HoWnf9im1BLo-JgtUOR3BymQnnCs6kyp4a6d3a1Qh7ftFnh7254UXunDlkYvtsLIAo80-nqBg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "1f6a2c178b385e908b632664e93aed26"
x-goog-hash: crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation: 1663611635525811
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
expires: Tue, 13 Dec 2022 20:12:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 54ms
27ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-708477892

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-14643-9/CT-1829

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ac0382afb6d983dfb68e53f364f83257eadfe62c2d799dd70bf3433e6ccc9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52884
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 12:36:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 49ms
23ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-708477892&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

593002b12f725c709d6d479d2b73756dd7e798211049aeafca0ac5d99d204c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52916
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 12:36:28 GMT

GET
H/1.1 200
OK poster-video@2x.webp
emprestimosim.com.br/assets/images/ 88 KB
89 KB 223ms
223ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emprestimosim.com.br/assets/images/poster-video@2x.webp

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b4af1b8a1f71393d5004ded7319baf74d29d4f88d7917751adbf8b532d2b9f6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-MD5: DyuTP9iTTwkNq67hsN3Dbg==
Connection: keep-alive
Content-Length: 90192
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 12:25:46 GMT
ETag: "0x8DAD3972C2A5765"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
x-ms-request-id: a5be98e2-901e-0046-0281-050f20000000
Cache-Control: max-age=356
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H2 200 DFPAudiencePixel;ord=6910391839893;dc_seg=973566373
pubads.g.doubleclick.net/activity;dc_iu=/73314699/ 42 B
762 B 97ms
48ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/73314699/DFPAudiencePixel;ord=6910391839893;dc_seg=973566373?

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 blue-tag.min.js Show response
event.getblue.io/js/ 8 KB
3 KB 666ms
221ms Script
application/javascript 54.94.210.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/js/blue-tag.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.210.1 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-210-1.sa-east-1.compute.amazonaws.com

Software

Resource Hash

41f40556d764448a5c8220598ddf5c7df825bced46014dbca751e80e3b3d429e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Dec 2022 10:17:06 GMT
etag: W/"7716-1670926626708"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 204 0
bat.bing.com/action/ 0
176 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17215600&Ver=2&mid=7530b3e6-d1fc-4914-b5eb-a97172cb74e0&sid=c3f6ddc07ae211ed849531962f58303c&vid=c3f70f607ae211ed962637bc35ff9d4d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&p=https%3A%2F%2Femprestimosim.com.br%2F&r=&lt=2807&evt=pageLoad&sv=1&rn=233233

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Dec 2022 12:36:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79AB73113D94450BAA223DC500EE94A0 Ref B: FRA31EDGE0520 Ref C: 2022-12-13T12:36:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 34ms
9ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:10:44 GMT
content-encoding: gzip
age: 23144
x-guploader-uploadid: ADPycds3OyjJedGoGYGLt1VSpnpS3vsnqU6rarlH4Thhk9YFYyMCRUcuwsNOX9cXwSulBKvAe5rhtjWA6DKLZc3IISQB6QmTpbyr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash: crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation: 1663611635449519
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
expires: Wed, 14 Dec 2022 06:10:44 GMT

GET
H2 200 trk
tt-14643-9.seg.t.tailtarget.com/ 70 B
637 B 155ms
109ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-14643-9.seg.t.tailtarget.com/trk?tA=TT-14643-9&tJ=_channel:sim-home:1|_channel:sim-visao-geral:1&tK=1670934989&tM=direct&tL=direct&tN=direct&tY=3&tZ=204909097
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/ 2 KB
2 KB 297ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/?random=1670934988774&cv=11&fst=1670934988774&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&auid=56201159.1670934988&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-708477892&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c6cec6628557ba65b64602b46d48d3d34854ac0470dcc089e93e8f161a105c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 901
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
336 B 138ms
111ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 94f2e31b1de367b000410147692f93d535026efc37bb24aa15996c0e89e89f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H/1.1 200
OK /
firehose.eu-west-1.amazonaws.com/ Frame 0
0 97ms
29ms Preflight 99.80.34.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.eu-west-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.34.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-34-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Request-Method: POST
Origin: https://emprestimosim.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Encoding: gzip
Content-Length: 20
Date: Tue, 13 Dec 2022 12:36:28 GMT
x-amzn-RequestId: d3f0d316-1234-ef60-8fe2-a71b4cc5b308

POST
H/1.1 200
OK / Show response
firehose.eu-west-1.amazonaws.com/ 299 B
741 B 46ms
46ms XHR
application/x-amz-json-1.1 99.80.34.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.eu-west-1.amazonaws.com/
Requested by: Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.34.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-34-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d00610ae800b21de15d523fdc8da0ff3ad35aa19c4847cdd4e300b3d5b694dc1

Request headers

accept-language: de-DE,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=ASIAX2DUJRE45YJW5RP2/20221213/eu-west-1/firehose/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token;x-amz-target, Signature=52e3bf563996eeacc7e8ce9a3d0cdc3ca21d3a1d140fea40a905d9dab6143202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type: application/x-amz-json-1.1
x-amz-security-token: IQoJb3JpZ2luX2VjEJX//////////wEaCWV1LXdlc3QtMSJHMEUCIQDrNKbT/MCQyJBpWRDxxGNi2taMT7Kv8Pz6Q/WDa5752QIgYarLANg9RMKgTg5D+iAhQNbPtZ4HZ1/wUavGLN6vEcUqmwYIvv//////////ARADGgw1MzcxMTQ4MDY1ODUiDIHRpqrEJA0H2TLtICrvBXQtG8U1lagjs0dIFEvM8HLu4C92ykj9q0AelpSIclltWLVhWGGRhG8517pJjchG7m7L0k+gLR1Q4ZblIA0S8JLvGIzmbq5lARkNzGP37TbFzf6/RjSfPJnTBuOgL6KgWf72ghvHBofeuK5yFfVRqW+MWz0VZlUYckNhgf4e6EHzn9Bi255xNLhzHP2YggK9TwmBcsdCY+KV2JbORSqzp5tyvPM+h023mhYWBHZXeFpuofS34LXKWqE6cSeEQNefr7ZznJNnDt1uuY52XrSFzYhgLCjOPwURrZdjky73WWCFJPTXohI6uAbcElxhsRQeXiUiyvux+5UD3UI/aAWBHFdT7fUXp+oBAKns4PdGgqI/QFXcChb3zhDz6N5N9xYR2ZqJGCJyGpqa55yjYQmk6qa7Bc9V/6me6SUhqZ5D01lYZxNjnkDFRtJm6q+Flkxc3u93wTPgVBBbhNK/B3jkFQtSxW9PuhVZdPRL6G6TOcvsHdMm4G3eutDBtsPHncSeOijq3m5TRwOKF1cs3SG0WCP4NkWnVsdSzRmXTtgpq9MWCdoyzA1cXIcI6yQrULD0iPzDpPRSpNF6kyQe5k9KIQ/c+OgdNbj8kwf6q2I03Iuey8ceWdXQBm//GX0STsK9+sXiqFnDuCCGQsjpOY2rSTLfZNrj7AAZ2AQXaoabZZQ92rA0i0oQWCRUP5UM4OFCshvZ3GEDORVPRY+J5fUqZR0bMLtoGv0zuK5JoGgnadSbuN0DPHvRp/yR8sc0Sac29Nx0YryqeFh+6mcdcvgWWPdx8TWrZsqMskHcd6c283LNANFLazDff54D/6h3xsQ/8S7yuNNGp4MCAN+gOiHmDbCi2YMq7g+wJzpcYqG9GDPRZ8dYYupg8y4d5n3Fuyn8kuz87am1wZ06P/89q7uTr2d9wlP1K7Dn2aMM4w5Euaba2Z8L5tZ2MxPSyq6Ab0tRTfm8BSvF5neUU4Wz7RJ9dnda4Wa2RP+0gQELVFI5uJAwzOPhnAY6hwKY0tbSckgeKRA80HxQwNNKblwt+V4F2mVUVxaVJnpdWPNqxVks6x2tygr05stmFrHJDmkxalmm6nX3iywp7Bay1CcE0y5fo/+ReYy/UMXlKWnorZDymFOtv2BA/Y44gGTvWnbnsBKKGDeVutWdvoobdzrSJighUnqjYe7JpLNSq3YLzAVzoK1Ih3dvwE0fKthu3V3nC7sAqEDY8cryJD1llsJOTobWlo7UVLb0tWJfkUM1+Xszfheww11tGouNw0aa1Wn1t3L2qYgiYKXfwnR9SQzJtJZJ52g/LfJod+mJFayxYG1SsZLkwBjT8/q6KAjGeNgUsL5Nez6qB1T+P2D8Hyls8m06hQ==
Referer: https://emprestimosim.com.br/
x-amz-target: Firehose_20150804.PutRecordBatch
x-amz-date: 20221213T123628Z

Response headers

Date: Tue, 13 Dec 2022 12:36:28 GMT
Content-Encoding: gzip
x-amzn-RequestId: f61502a4-79d6-6146-aa07-76a927273d2e
Content-Type: application/x-amz-json-1.1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length: 281
x-amz-id-2: 3EZBFX7Z39XTyhM28AQFDLI92UmX3YGxeOBw9F9iuZBa399om7SKy8LK9yt1nUqmm4KlUI9Jw/DXJXSuw+7pHSgZCy7MtBas

GET
H3 200 b Show response
b.t.tailtarget.com/ 109 B
123 B 135ms
117ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-14643-9&tY=1&tS=3&tU=0100007FCC719863A006F10002164C0B&tX=b.52&tZ=623676842
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: d26ab69896c0bc232b2e6190de9dc40d66c18ba197b61b31ab0b2327478c880e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 /
www.google.com/pagead/1p-user-list/708477892/ 42 B
64 B 42ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708477892/?random=1670934988774&cv=11&fst=1670932800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=413224598&rmt_tld=0&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/708477892/ 42 B
64 B 43ms
23ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708477892/?random=1670934988774&cv=11&fst=1670932800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=413224598&rmt_tld=1&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
hitbr.acstat.com/emprestimosim/ 0
529 B 674ms
196ms XHR
text/plain 177.54.158.78
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://hitbr.acstat.com/emprestimosim/?sid=f1e40dab-16b8-f74b-0998-82e7c2a67d10&t_tid=db87e202-5c15-955e-3863-fe5a9cee9a73&t_dp=&wid=&par=&ref=&t_t=&t_if=0&t_s=&ih=1200&iw=1600&if_p=&s_w=1600&s_h=1200&land=https%3A%2F%2Femprestimosim.com.br%2F
Requested by: Host: advcake.dataroyal.com.br
URL: https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 177.54.158.78 , Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS: game.strongerhosting.com.br
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:29 GMT
Last-Modified: Tuesday, 13-Dec-2022 12:36:29 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: https://emprestimosim.com.br
Cache-Control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 ca Show response
tt-14643-9.seg.t.tailtarget.com/ 68 B
108 B 142ms
108ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-14643-9.seg.t.tailtarget.com/ca?tZ=667701398
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: b1a12f61cf671652ec36bc718ba9972111b114b8544fdc989f1ee8eec475602a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 269ms
101ms Script
application/javascript 95.101.111.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAPLMFBC77UCMC06VF0G&lib=ttq
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0289df6d8a98866dd09b9d68b94d02404c1b9eda01f611ae94916e233fe5a2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 23edd9ac
date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=90
content-length: 1087
pragma: no-cache
server: nginx
x-tt-logid: 20221213123629E9971A76C1C8852246C0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 90,92.123.70.42
x-tt-trace-host: 01a866184f8dbbc9d5be1b57a4f37b4944d7b9b3aba2214933324e9f441c5f3e9ae2e648d0681366b02826a4584dfdb7989e4615baced5b0f8803ae3b5ac1de84ae5dda90a36a98d3e7189a2c1f86e0007
expires: Tue, 13 Dec 2022 12:36:29 GMT

GET
H2 200 p74903.js Show response
img.metaffiliation.com/u/37/ 53 KB
10 KB 85ms
29ms Script
application/javascript 192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://img.metaffiliation.com/u/37/p74903.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 94ee15e67f3a55694274ff85a7dfe4ec199eff3f7657f5a875d3d8d1a42d4ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 12:45:23 GMT
server: nginx
etag: "6389f363-d4cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=900
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10336

GET
H2 200 k_emprestimosim.gif
pixel.rubiconredirect.com/pixel/ 493 B
1 KB 222ms
179ms Image
image/gif 2606:4700:3030::ac43:a84c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconredirect.com/pixel/k_emprestimosim.gif?c=script&load=success
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a84c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f6c4ef5a24d1f3dddc23de1255fcc54dd65dad02044948740f7d7d01aa1737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-runtime: 0.001843
date: Tue, 13 Dec 2022 12:36:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8NZdzvHU%2BPLec3BNzC2hqGbvbqg3SShNIa07osv%2B15o%2Fq%2F1DHGwCRrh2h1K%2FiKeNz5LJpw6sENrq%2BTvUhNqtbB4H9muEUy0Zad7tIw7sxOY7DuxeqY%2Bkrrm5TEEjA1bgwwgrqoRkYBX76lIgPrHlazBR9CiV%2F87"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
status: 200 OK
cache-control: no-cache
content-transfer-encoding: binary
content-disposition: inline; filename="k_emprestimosim.gif"
cf-ray: 778ebee3fa27912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 699f05de-602b-4c20-996a-7869cb86ce2a

GET
H2 200 / Show response
event.getblue.io/p/ Frame CCAD 774 B
752 B 336ms
336ms Document
text/html 54.94.210.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&v=13072020-1328&nocache=846657946748.0173
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.94.210.1 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-210-1.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: 9dcdce0810d592c3191f6bec0d18245d5f75e1d20497d0f3218964c8ca2cf8d2

Request headers

Referer: https://emprestimosim.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 13 Dec 2022 12:36:29 GMT
tagcontainer-version: 1183-15072022-2137
vary: Accept-Encoding

GET
H2 200 / Show response
widget.getblue.io/event/ 760 B
503 B 243ms
236ms Script
text/javascript 54.94.210.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getblue.io/event/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&v=13072020-1328&if=0&nocache=5237627909573.497
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.94.210.1 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-210-1.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: 5b92a408bbe994550b7055a07066d79ec13a646062d36f046dbd84a9d59e86e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/ 2 KB
975 B 71ms
54ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/?random=1670934989444&cv=11&fst=1670934989444&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=GrtCCNKU_98CEMSH6tEC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&auid=56201159.1670934988&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-708477892&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

448008a6708ac97a70baa6324eab7ee618962cdac0648ecd196929be76ec3798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 951
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tr
www.facebook.com/ 0
18 B 29ms
13ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=410615119637636&ev=Tail&cd[custom_audience]=CA28591

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 12:36:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 123ms
108ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-14643-9&tE=0&tF=&tI=_berlin_land%20berlin_de_1670934989106_1358891721&tJ=CA28591&tQ=sim-home,sim-visao-geral&tU=0100007FCC719863A006F10002164C0B&tX=b.52&tY=1&tZ=908934101
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:29 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/708477892/ 42 B
64 B 25ms
25ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708477892/?random=1670934989444&cv=11&fst=1670932800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=GrtCCNKU_98CEMSH6tEC&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&data=event%3Dconversion&fmt=3&is_vtc=1&random=4101712034&rmt_tld=0&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/708477892/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708477892/?random=1670934989444&cv=11&fst=1670932800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=GrtCCNKU_98CEMSH6tEC&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20Sim&data=event%3Dconversion&fmt=3&is_vtc=1&random=4101712034&rmt_tld=1&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1297567/log/3/ 0
250 B 58ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1297567/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=25&ssd=1&est=1670934987992&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670934989552&vi=1670934987990&ri=5344350786daa67ff548b9daad51b620&sd=v2_22cc631ec4a321322e90e5f90d05a054_cb15e720-ec64-4647-aa41-e513ab1561e7-tucta91f74c_1670934988_1670934988_CNawjgYQn5lPGNaJ8tvQMCABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGiQ8oHT17O4ql1wAA&ui=cb15e720-ec64-4647-aa41-e513ab1561e7-tucta91f74c&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Femprestimosim.com.br%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1297567/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 k_emprestimosim.gif Show response
pixel.rubiconredirect.com/pixel/ 493 B
1 KB 220ms
204ms Script
application/octet-stream 2606:4700:3030::ac43:a84c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconredirect.com/pixel/k_emprestimosim.gif
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a84c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e39f710094385f3fee0e9450350f07b46d2d7b6891557b5e2865d24483c9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-runtime: 0.000589
date: Tue, 13 Dec 2022 12:36:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=du0OHQTKdPVty4o2qlPvzaG6ndfgouVwaNOZxBqVYQJIhV9%2F6ECZri9VmX7MhQETei0b9Zox4wFiEiS7Ak6gxRLKYq6w9ztalXicckPgN%2FfwB5mgijPKGqbSwBy9lDh%2BVrxFjy4iQSGzFUl%2BvNLeUoYtbjkCfFjE"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
status: 200 OK
cache-control: no-cache
content-transfer-encoding: binary
content-disposition: inline; filename="k_emprestimosim.gif"
cf-ray: 778ebee53b7eb3ad-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: a356bfff-adbb-49ef-b199-b736b3eebb79

GET
H2 200 main.MTRjZDliOGFlMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 211 KB
61 KB 10ms
10ms Script
application/javascript 95.101.111.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAPLMFBC77UCMC06VF0G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 26ffdc4c21800007afa59f4958232ceb5b7ee1c74daf7f283117a13387346b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 23edda02
date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2022120214012316D8741819121D2EAE1E
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d7659743bf7a949b92ec5c3293e39b66f9181a414565333dd41dd206a6654d7ad0891a2180b6cf119557787643b270a120270c759476a03c2e520e8839aea81f31217b56b81a7daca2192407d8c4d096
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 62271

GET
H2 200 identify_87671.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 11ms
11ms Script
application/javascript 95.101.111.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_87671.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 23edda1a
date: Tue, 13 Dec 2022 12:36:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221202140103D8BD093EE9EC79339F83
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010124778a1ad144c7800ad2f37ca997758a323311bb3c6bca0ba34f9102e135e9273bbd19e52d84cdb257b08105976d92e9f657061af844670e3f3f285d891958c983c996a2d00a2cf5f51af932aaa47b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 30873

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
548 B 122ms
122ms Ping
application/octet-stream 95.101.111.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://emprestimosim.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
x-akamai-request-id: 23edda36
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20221213123629B1418E3A446B4D27EA79
x-cache: TCP_MISS from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 108,92.123.70.42
x-tt-trace-host: 01a866184f8dbbc9d5be1b57a4f37b4944d7b9b3aba2214933324e9f441c5f3e9ab6f27e8b646ec31afbbf4e6359e1f029ad133a2f3093a963fcf8dbb2b3dfc116874183b7755209092f40e42f0f8c0cf2
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=5, origin; dur=108
content-length: 0
expires: Tue, 13 Dec 2022 12:36:29 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
687 B 125ms
125ms Ping
application/octet-stream 95.101.111.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://emprestimosim.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 10309ebc.23edda37
date: Tue, 13 Dec 2022 12:36:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 106,92.123.70.42
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=16, inner; dur=14
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221213123629ACA5493102105A2224F0
x-cache-remote: TCP_MISS from a23-222-16-52.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.222.16.52
x-tt-trace-host: 01a866184f8dbbc9d5be1b57a4f37b49447d08b037870efc4b52efee3d929ccabc6d3ee237f4642568516018084af4c5dae08e3ecfff316abf3388acd0faa5ddc6bcf4643168e3ec011ed609163af25d23c76207954c2fdc3e3e4678704c184541
expires: Tue, 13 Dec 2022 12:36:29 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame CCAD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm&&google_sc&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&google_ula=7141573074&ula=7141573074&goog...
https://cms.getblue.io/cm/?src=adx&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&ula=7141573074&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&google_gid=CAESEHhz28m...

2 B
100 B

668ms
215ms

Image
application/json

54.207.14.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=adx&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&ula=7141573074&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&google_gid=CAESEHhz28m-vYWQmmUQn3zEYcg&google_cver=1&google_ula=7141573074,0
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&v=13072020-1328&nocache=846657946748.0173
Protocol: H2
Server: 54.207.14.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-207-14-86.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:30 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cms.getblue.io/cm/?src=adx&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&ula=7141573074&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&google_gid=CAESEHhz28m-vYWQmmUQn3zEYcg&google_cver=1&google_ula=7141573074,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame CCAD
Redirect Chain

https://ib.adnxs.com/setuid?entity=449&code=CCEF374C-BDE5-47DD-9CA3904D489EEEA7
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DCCEF374C-BDE5-47DD-9CA3904D489EEEA7

43 B
1 KB

206ms
98ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DCCEF374C-BDE5-47DD-9CA3904D489EEEA7

Requested by

Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&v=13072020-1328&nocache=846657946748.0173

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:30 GMT
AN-X-Request-Uuid: 517d8302-1e1c-4aa1-b89b-a573505ada30
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:30 GMT
AN-X-Request-Uuid: 4471e0c9-b08a-4218-907d-e3715a7e775e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DCCEF374C-BDE5-47DD-9CA3904D489EEEA7
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame CCAD
Redirect Chain

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&appn...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3DCCEF374C-BDE5-47DD-9CA3904D489EEEA7%26cid%3D5C452402-DDBE-CC15-BDE4291B44D501AB%26blueID%3D6c5...
https://cms.getblue.io/cm/?src=appnexus&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&appnexusid=7997888596615906682

2 B
99 B

216ms
215ms

Image
application/json

54.207.14.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=appnexus&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&appnexusid=7997888596615906682
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&v=13072020-1328&nocache=846657946748.0173
Protocol: H2
Server: 54.207.14.86 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-207-14-86.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:30 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:30 GMT
AN-X-Request-Uuid: 17d5b66c-96f1-4922-b537-e94eb95b0e98
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cms.getblue.io/cm/?src=appnexus&ckid=CCEF374C-BDE5-47DD-9CA3904D489EEEA7&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=6c5189db-ddcb-44b9-83e0-09e760b0d2de&appnexusid=7997888596615906682
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 k_emprestimosim.js Show response
scripts.rubiconredirect.com/scripts/ 89 KB
33 KB 182ms
168ms Script
text/javascript 2606:4700:3030::ac43:a84c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.rubiconredirect.com/scripts/k_emprestimosim.js
Requested by: Host: pixel.rubiconredirect.com
URL: https://pixel.rubiconredirect.com/pixel/k_emprestimosim.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a84c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2e9e004b4613a50ef16adf30ab8f8185b0b5581248a44c4bb9476897d13973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: d8021866-3de3-4761-ad27-c6c3f8356d1f
x-runtime: 0.011410
server: cloudflare
etag: W/"ed2e9e004b4613a50ef16adf30ab8f81"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHGWIzyF6FHxsgofv1mznHNRuqqa7FxhtTkXsBUvtIambhqXCucyWH6LASLhUmyruguyw3hb3uRknFeh4S8EOdLMyitbloDOs6vad1IaVgafAZU7QLNbiJnGQlSWFI8v30ZhLYaHISyauqaaiRCJNeYp5eDC4DHgH84%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, public
cf-ray: 778ebee69f6f912b-FRA
expires: 2022-11-13 12:36:29 UTC

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 99ms
98ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.7.0/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://emprestimosim.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
date: Tue, 13 Dec 2022 12:36:30 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H/1.1 200
OK 326e82c9-2b36-4fb4-9ec0-7f3b6169ee95 Show response
api.soclminer.com.br/v2.1/customers/ 20 B
509 B 475ms
158ms XHR
application/json 54.84.230.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.soclminer.com.br/v2.1/customers/326e82c9-2b36-4fb4-9ec0-7f3b6169ee95?format=json&url=https%3A%2F%2Femprestimosim.com.br%2F&referrer=&paramOnSession=&isMobile=false
Requested by: Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.230.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-230-86.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ServiceStack/3,971 Win32NT/.NET, ASP.NET
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:31 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ServiceStack/3,971 Win32NT/.NET, ASP.NET
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, JSNLog-RequestId
Content-Length: 20

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B4679A03C59C453D84A87249BC50E0C2&RedC=c.clarity.ms&MXFR=0822308C384A6F6832BC22F53C4A61DC
https://c.clarity.ms/c.gif?CtsSyncId=B4679A03C59C453D84A87249BC50E0C2&MUID=300CD7B072606F4A31A4C5C973EB6E45

42 B
369 B

31ms
27ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B4679A03C59C453D84A87249BC50E0C2&MUID=300CD7B072606F4A31A4C5C973EB6E45
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:30 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49042918EA1B4CBE9F2F7355E106ACF5 Ref B: FRA31EDGE0520 Ref C: 2022-12-13T12:36:31Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B4679A03C59C453D84A87249BC50E0C2&MUID=300CD7B072606F4A31A4C5C973EB6E45
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame ACD8
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-9iTpRztxfH7zkuTYykwnpSPUNHxe5r-hD9-0_A&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-9iTpRztxfH7zkuTYykwnpSPUNHxe5r-hD9-0_A&expires=30

43 B
345 B

36ms
35ms

Image
image/gif

35.158.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-9iTpRztxfH7zkuTYykwnpSPUNHxe5r-hD9-0_A&expires=30
Protocol: H2
Server: 35.158.31.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-31-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-9iTpRztxfH7zkuTYykwnpSPUNHxe5r-hD9-0_A&expires=30
date: Tue, 13 Dec 2022 12:36:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame ACD8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-mXePyjtxfH7zkuTYykwnpSPUNHzPTt6AErAJnw&google_cm&google_hm=ay1tWGVQeWp0eGZIN3prdVRZeWt3bnBTUFVOSHpQVHQ2Q...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mXePyjtxfH7zkuTYykwnpSPUNHzPTt6AErAJnw&google_gid=CAESEN5Y97VTLHcVw520bYggiqA&google_cver=1&google_ula=913071,0

43 B
370 B

31ms
24ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mXePyjtxfH7zkuTYykwnpSPUNHzPTt6AErAJnw&google_gid=CAESEN5Y97VTLHcVw520bYggiqA&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1387926
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mXePyjtxfH7zkuTYykwnpSPUNHzPTt6AErAJnw&google_gid=CAESEN5Y97VTLHcVw520bYggiqA&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame ACD8
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7997888596615906682

43 B
371 B

32ms
32ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7997888596615906682

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10164498
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:31 GMT
AN-X-Request-Uuid: 840d0cc1-e54d-4dc3-a0e4-eb5ee9030fba
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7997888596615906682
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame ACD8
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WvogfDtxfH7zkuTYykwnpSPUNHw_Ze5H0OlvLw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WvogfDtxfH7zkuTYykwnpSPUNHw_Ze5H0OlvLw&C=1

43 B
867 B

59ms
45ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WvogfDtxfH7zkuTYykwnpSPUNHw_Ze5H0OlvLw&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7O8F1MQYjrHzCYMNtJ%2BIjRa0OSaMu6xY22nsUFYCODea1Cd6GzBdmlTD1Y2K8JEBKmuqMIIzISYEhsdZ1Smh%2BXE1UdGTKvd1oCkIm85x43HdBXTYPIMGrU1%2F%2BXgkQleHqcyA"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 778ebeeee8205b26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7skJoeL%2BIr4zFsjqRC6QtXq78bz2jYlNv55sDMS0fB%2FuScDTnWiPV8C8sh06ruEQKRMJhgVNGNk92CZTy296t%2BeuLFdPveHvgsSvjNR8OT9%2FvPiowSz7JPxcKA4cyy5q60i"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-WvogfDtxfH7zkuTYykwnpSPUNHw_Ze5H0OlvLw&C=1
cache-control: no-cache
cf-ray: 778ebeee8cd191d8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame ACD8
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-JDhfJztxfH7zkuTYykwnpSPUNHzW9XF9FbvKtw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JDhfJztxfH7zkuTYykwnpSPUNHzW9XF9FbvKtw

43 B
446 B

35ms
32ms

Image
image/gif

54.194.160.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JDhfJztxfH7zkuTYykwnpSPUNHzW9XF9FbvKtw
Protocol: H2
Server: 54.194.160.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-160-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 12:36:31 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JDhfJztxfH7zkuTYykwnpSPUNHzW9XF9FbvKtw
date: Tue, 13 Dec 2022 12:36:31 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame ACD8 45 B
787 B 106ms
33ms Image
image/gif 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-IQx3QTtxfH7zkuTYykwnpSPUNHwqhXM_lMf5pg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 12:36:31 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Tue, 13 Dec 2022 12:36:31 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame ACD8 0
145 B 395ms
96ms Image
text/plain 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-LRAuAztxfH7zkuTYykwnpSPUNHweJ6Qn-6s6AQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 12:36:31 GMT
Cache-Control: no-cache
X-TraceId: 9b2545a2e634b1a658482babf69b14b9
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame ACD8 0
239 B 85ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-K21qkztxfH7zkuTYykwnpSPUNHw1tWtc6-j5GA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame ACD8 0
35 B 81ms
8ms Image
text/plain 18.196.238.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-sFTmLTtxfH7zkuTYykwnpSPUNHwk0ScIssZqfg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.238.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-238-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:31 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame ACD8 43 B
163 B 136ms
24ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-b0dueTtxfH7zkuTYykwnpSPUNHzGi46J89eV5g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:31 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame ACD8 0
98 B 132ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-BRGifDtxfH7zkuTYykwnpSPUNHwkkfyMnAvc6Q
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13209

GET
H2 200 um
criteo-sync.teads.tv/ Frame ACD8 23 B
172 B 95ms
35ms Image
image/gif 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-iGF1zztxfH7zkuTYykwnpSPUNHwPcpd4wwdO5g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 12:36:31 GMT
pragma: no-cache
date: Tue, 13 Dec 2022 12:36:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame ACD8 37 B
140 B 54ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-puUlkjtxfH7zkuTYykwnpSPUNHyboIR6exj_iQ&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame ACD8 0
398 B 63ms
15ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-v0YBJDtxfH7zkuTYykwnpSPUNHzG7aORhopldQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame ACD8 0
55 B 55ms
14ms Image
text/html 18.158.8.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-6zDzMDtxfH7zkuTYykwnpSPUNHyiTgl-S0iTJA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:30 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame ACD8 43 B
163 B 81ms
21ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-DpQtpztxfH7zkuTYykwnpSPUNHx9yvGlnqbpxg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:31 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame ACD8 49 B
235 B 75ms
18ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-u-NFbjtxfH7zkuTYykwnpSPUNHwNZevo-FOjlA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:30 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame ACD8
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=K6imEIFEShBwBUvDPGAq_8dXh02lHolh
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=K6imEIFEShBwBUvDPGAq_8dXh02lHolh

42 B
942 B

35ms
34ms

Image
image/gif

52.213.249.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=K6imEIFEShBwBUvDPGAq_8dXh02lHolh

Protocol

HTTP/1.1

Server

52.213.249.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-249-147.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0dc3ea27c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MIhzsSXYQxM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-071cdea73.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ZRMFMvUvRVA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=K6imEIFEShBwBUvDPGAq_8dXh02lHolh
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame ACD8 43 B
1 KB 45ms
9ms Image
image/gif 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-CXQq0ztxfH7zkuTYykwnpSPUNHzkB7etLvf3HA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 13 Dec 2022 12:36:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame ACD8 42 B
274 B 51ms
20ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-SGBWJjtxfH7zkuTYykwnpSPUNHwz7XXfIIDRtw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:30 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame ACD8 0
879 B 43ms
9ms Image
text/html 35.158.195.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-g4_B2DtxfH7zkuTYykwnpSPUNHw24iOzcSMDkg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.195.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-195-201.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:31 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame ACD8 43 B
183 B 517ms
91ms Image
image/gif 2600:1f18:612b:4216:7c0:9dd:bfc5:265a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-0bPcuztxfH7zkuTYykwnpSPUNHzYgjDJwZIZBg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7c0:9dd:bfc5:265a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 13 Dec 2022 12:36:31 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame ACD8 43 B
153 B 58ms
19ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-pmPTqDtxfH7zkuTYykwnpSPUNHyRuseyRHxC8g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 12:36:31 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame ACD8 0
525 B 56ms
24ms Image
text/plain 184.31.94.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Y_qZEDtxfH7zkuTYykwnpSPUNHxa_ttUOkfAkQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.94.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-31-94-14.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 12 Dec 2022 12:36:31 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame ACD8 43 B
220 B 120ms
30ms Image
image/gif 54.155.179.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-8lSO_DtxfH7zkuTYykwnpSPUNHxi43QYV5un8A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.179.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-179-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 13 Dec 2022 12:36:31 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 click Show response
redirect.lista10.dev/ Frame 8E40 236 B
470 B 298ms
245ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.lista10.dev/click?click_id=T6TyTk45MGov4cg8

Requested by

Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/emprestimosim.gif?ref=&lp=https%3A%2F%2Femprestimosim.com.br%2F&d=1670934988255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57e701a602643839c5053dc0afebfa3249366b35f16e133d9906fc0291c30ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 778ebeeedf2c9a1d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 12:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDk3vuvmJAL1PcIZgkJGZkOoewPiuTueO3ucgZvAEJCJBq3FkaL%2FtqMf7bDNFs68V3O8nMGoa3ECea4MsjRUv2Ce31W1wgjdSIYgW1ULwU%2BpJwlf9BOl6NIQBLPjkHH48d8oAHwrtzTVewawII7TXD%2Fqpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 9e089a33-7c6c-4e67-9d3f-5a378fadc4bb
x-runtime: 0.012080
x-xss-protection: 1; mode=block

GET
H2 200 click Show response
redirect.lista10.dev/ Frame DDBA 238 B
840 B 205ms
161ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.lista10.dev/click?click_id=5cXc1fZfx2Azrofy

Requested by

Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/emprestimosim.gif?ref=&lp=https%3A%2F%2Femprestimosim.com.br%2F&d=1670934988255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bebfaca4ac090e3cc806a33d3c29a1abbfd2cd1eef46a74baf34029866511d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 778ebeeedf2f9a1d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 12:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdyfhdZbzsTeDXT2cQAlYImUS7Y4mDCVdU%2FaxbvLVYQMkSv3%2Bc%2BkNDMvf8pC6wzj%2BtcUOWOCi8rJ3VgvoWqddg%2FbUeVQhIq%2BV9rgpZPGW5NpbxFiOnkVGbyI5ej4c9su%2BcbZSIb0tVsdP4kx1e9H8CMFLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 536c6e7d-03fd-4673-a745-b48f0b9cf504
x-runtime: 0.008474
x-xss-protection: 1; mode=block

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame ACD8
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wHvUzc8U1CyHqjndvaxDlHga82LB9VqZ

0
338 B

131ms
32ms

Image
text/plain

34.252.45.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wHvUzc8U1CyHqjndvaxDlHga82LB9VqZ
Protocol: H2
Server: 34.252.45.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-45-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Tue, 13 Dec 2022 12:36:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1670934991
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wHvUzc8U1CyHqjndvaxDlHga82LB9VqZ
date: Tue, 13 Dec 2022 12:36:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1081728
content-length: 0

GET
H2

200

country-341630
br.betano.com/myaccount/ban/ Frame DDBA
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_15474b_1238c_&affid=3237&siteid=15474&adid=1238&c=
https://gml-grp.com/C.ashx?btag=a_15474b_1238c_&affid=3237&siteid=15474&adid=1238&c=&AutoR=1
https://br.betano.com/register/?btag=a_15474b_1238c_[CustomMergeFields]&siteid=15474
https://br.betano.com/myaccount/ban/country-341630?siteid=14

0
0

100ms
100ms

Image
text/html

2606:4700::6811:5459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by: Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=5cXc1fZfx2Azrofy
Protocol: H2
Server: 2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redirect.lista10.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date: Tue, 13 Dec 2022 12:36:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
location: /myaccount/ban/country-341630?siteid=14
x-farm: 05
cache-control: no-store
cf-ray: 778ebef20f63996e-FRA
x-xss-protection: 1; mode=block
x-cacheable-status: 302

GET
H2

200

/
iqbroker.com/lp/mobile-partner/pt/ Frame 8E40
Redirect Chain

https://iqbroker.com/lp/mobile-partner/en/?aff=298933
https://affiliate.iqbroker.com/redir/?forceBackLink=1&aff=298933
https://iqbroker.com/lp/mobile-partner/pt/

0
0

15ms
14ms

Image
text/html

185.117.134.138
IQOPTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iqbroker.com/lp/mobile-partner/pt/
Requested by: Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=T6TyTk45MGov4cg8
Protocol: H2
Server: 185.117.134.138 , Cyprus, ASN204006 (IQOPTION, CY),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date: Tue, 13 Dec 2022 12:36:31 GMT
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
server: nginx
x-cdn: Imperva
location: https://iqbroker.com/lp/mobile-partner/pt/
x-iinfo: 11-415920075-415920080 NNNN CT(11 20 0) RT(1670934991585 11) q(0 0 1 0) r(1 1) U5
backend: arbitre_v4_api
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame ACD8
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=r2X3Y2cHDYnGq1ztv5KyyG8azbW70fhl

35 B
268 B

345ms
103ms

Image
image/gif

13.59.93.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=r2X3Y2cHDYnGq1ztv5KyyG8azbW70fhl
Protocol: H2
Server: 13.59.93.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-59-93-104.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:31 GMT
x-bt-requestid: c5c34620-7ae2-11ed-9c33-0000ac1702a6
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=r2X3Y2cHDYnGq1ztv5KyyG8azbW70fhl
date: Tue, 13 Dec 2022 12:36:30 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 3206520
content-length: 0

GET
H2 502 lod
altopd.com/ 0
0 76ms
39ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://altopd.com/lod
Requested by: Host: img.metaffiliation.com
URL: https://img.metaffiliation.com/u/37/p74903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H/1.1 200
OK ca.js Show response
rd.afftrack.pro/ 434 B
933 B 406ms
90ms Script
application/javascript 138.197.230.29
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.afftrack.pro/ca.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.230.29 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: d99c6013719ea00b7ade92725c2832fce75561a151fce147e0b398585e79af6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:32 GMT
x-powered-by: Express
surrogate-control: no-store
transfer-encoding: chunked
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate,private
expires: 0

GET
H2 200 btp.js Show response
www.rtb123.com/tags/2AABB9B1-9257-848F-203D-BF9D391C28E9/ 22 B
246 B 378ms
119ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/2AABB9B1-9257-848F-203D-BF9D391C28E9/btp.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a35088155b3b54456712bdb94de13525ceced4eb878d242ba7a201373e18e451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 13 Dec 2022 12:36:31 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 18:31:14 GMT
server: Microsoft-IIS/10.0
etag: "f0f025ae55c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 45

GET
H2 200 produto_santandersim.js Show response
tags.fulllab.com.br/scripts/ 586 B
865 B 739ms
98ms Script
text/javascript 144.126.250.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.fulllab.com.br/scripts/produto_santandersim.js

Requested by

Host: img.metaffiliation.com
URL: https://img.metaffiliation.com/u/37/p74903.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.250.218 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

f38faad9febeaa4ffa814a63624d6450dc453184f24ca5e89bbb83a50e169a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-runtime: 0.007813
date: Tue, 13 Dec 2022 12:36:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"f38faad9febeaa4ffa814a63624d6450"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
x-request-id: 4968c4e60400fe2000a66a834570cc25
expires: 2022-11-13 12:36:32 UTC

GET
H2 200 pixel_px_santandersim.js Show response
rtgpix.com/resources/scripts/src/ 0
0 718ms
119ms Script
application/json 104.156.53.91
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtgpix.com/resources/scripts/src/pixel_px_santandersim.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.156.53.91 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 104-156-53-91.static.hvvc.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 tag.js Show response
pixel.adensemble.com/event/ 402 B
483 B 95ms
8ms Script
text/javascript 52.28.121.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adensemble.com/event/tag.js?gdpr=0&gdprConsent=&adid=151&tid=10028
Requested by: Host: img.metaffiliation.com
URL: https://img.metaffiliation.com/u/37/p74903.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.121.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-121-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d74f17825c2404f3cbee131720fc6a13c86f1aa5605adfb9db1c9bd1c39b1f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:32 GMT
content-length: 402
content-type: text/javascript;charset=UTF-8

GET
H/1.1

200
OK

LAL.d Show response
js.sddan.com/
Redirect Chain

https://js.cookieless-data.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F
https://js.sddan.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F
https://js.sddan.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F&bounce=1

10 KB
4 KB

43ms
43ms

Script
text/javascript

51.15.145.116
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sddan.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F&bounce=1

Protocol

HTTP/1.1

Server

51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-116.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

82bf82d63f3199a81248b22e24bee9893f9f8b2d7b022e4d8612dd5a9a4417ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx/1.20.2
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Location: https://js.sddan.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F&bounce=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 trk.js Show response
pixel.adensemble.com/event/ 247 B
537 B 535ms
534ms Script
text/javascript 52.28.121.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adensemble.com/event/trk.js?adid=151&tid=10028&ref=https%3A%2F%2Femprestimosim.com.br%2F
Requested by: Host: pixel.adensemble.com
URL: https://pixel.adensemble.com/event/tag.js?gdpr=0&gdprConsent=&adid=151&tid=10028
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.121.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-121-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 656442384ce64a2a180dc5e9665423b59a42d805c057710019f1486776d6ae34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:32 GMT
content-length: 247
content-type: text/javascript;charset=UTF-8

GET
H2 200 status.js Show response
trk.datnova.com/ 330 B
962 B 197ms
158ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.datnova.com/status.js?pid=22449
Requested by: Host: js.cookieless-data.com
URL: https://js.cookieless-data.com/LAL.d?pa=22449&target=1&r=&u=https%3A%2F%2Femprestimosim.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b59340f5b448928a72cbb60cbaa273109fc3b84380429f7db4b53e81b5b446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:32 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 13 Dec 2022 05:27:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veizwbwhmtAbEPseoUzmfGGv4m8Q5ETrJq8PHk41BhNjRxI%2Fbs3huApDXMA4lvT9RuJE3D1pcJmCPUI5G3FHKySvLSRSFFJe%2BTsklCdA4NMRWzUxtVS3fKIu9Btuv2un53NNwV1%2BeITzFb6ufwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://emprestimosim.com.br
cache-control: public, max-age=14400, s-maxage=120, no-transform
access-control-allow-credentials: true
cf-ray: 778ebef61835bb91-FRA
access-control-allow-headers: *
cdn-cache-control: max-age=120
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 310ms
109ms Image
image/gif 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=3149906:22449&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:32 GMT
AN-X-Request-Uuid: 70fe320f-da53-4ed2-be35-a12d3bd2780b
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 416ms
105ms Image
image/gif 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=17066422&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 12:36:32 GMT
AN-X-Request-Uuid: 316a4898-a6e6-454f-8b6d-5a78121c0845
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK campaign_name_4pM7SwqgRMaHR0cHM6Ly9lbXByZXN0aW1vc2ltLmNvbS5ici8=.js Show response
rd.afftrack.pro/ 0
490 B 91ms
91ms Script
application/javascript 138.197.230.29
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.afftrack.pro/campaign_name_4pM7SwqgRMaHR0cHM6Ly9lbXByZXN0aW1vc2ltLmNvbS5ici8=.js
Requested by: Host: rd.afftrack.pro
URL: https://rd.afftrack.pro/ca.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.230.29 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 12:36:32 GMT
x-powered-by: Express
surrogate-control: no-store
transfer-encoding: chunked
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate,private
expires: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1297567/log/3/ 0
249 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1297567/log/3/unip?en=pre_d_eng_tb&tos=4559&scd=25&ssd=1&est=1670934987992&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670934992553&vi=1670934987990&ri=5344350786daa67ff548b9daad51b620&sd=v2_22cc631ec4a321322e90e5f90d05a054_cb15e720-ec64-4647-aa41-e513ab1561e7-tucta91f74c_1670934988_1670934988_CNawjgYQn5lPGNaJ8tvQMCABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGiQ8oHT17O4ql1wAA&ui=cb15e720-ec64-4647-aa41-e513ab1561e7-tucta91f74c&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Femprestimosim.com.br%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1297567/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
pragma: no-cache
date: Tue, 13 Dec 2022 12:36:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pix.jpg
pixel.adensemble.com/img/ 3 KB
3 KB 15ms
14ms Image
image/jpeg 52.28.121.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adensemble.com/img/pix.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.121.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-121-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a551120486d9e5ab3350b756b353aec977ce9e6136b03d7f99fb79b2d5a5734e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:32 GMT
last-modified: Wed, 16 Nov 2022 12:59:48 GMT
accept-ranges: bytes
content-length: 2787
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/jpeg

GET
H2 200 safeframe Show response
tags.fulllab.com.br/ Frame E04B 2 KB
2 KB 94ms
94ms Document
text/html 144.126.250.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.fulllab.com.br/safeframe

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/scripts/produto_santandersim.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.250.218 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimosim.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 12:36:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-request-id: cb1929b29bc39751e3d66b9296d66daa
x-runtime: 0.002395
x-xss-protection: 1; mode=block

GET
H3 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ Frame E04B 29 KB
10 KB 88ms
77ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3618954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9392
last-modified: Mon, 04 May 2020 16:10:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5c-72e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnpiNgm7fbYS6EuqHIaLKzIv1HI8SNf0fS4SskcEsP29gJcodHQFV7x1pNGwXtmEHZv%2BRHqnxjfMDaG5lNV%2B%2F6wGhJalvQOhafdHvj9DqA4XMZg117aHKeDzMnyJ6cdBWQ3pv0Xh%2FEESV%2BmPFbioWB0r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 778ebefa2c969b69-FRA
expires: Sun, 03 Dec 2023 12:36:32 GMT

GET
H3 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ Frame E04B 2 KB
1 KB 38ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1020844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 701
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-653"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BxS%2BNtPEQaQFr6Yr2DSh2EJUfZ6gYHm7BIdncu%2B5w%2FQ6kLLvPMB%2Bha%2BVaeZfWGdG1BI4Kh4Yn%2FrCRnYdwMYZnUktN%2BFfEp2fKoJpNp3WVs%2BtaVZBq9uF6vZR5fi1fagvffnPyJHk4ZkhgN2doKlULry"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 778ebefa2c9c9b69-FRA
expires: Sun, 03 Dec 2023 12:36:32 GMT

GET
H3 200 url-tld.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/ Frame E04B 4 KB
2 KB 34ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/url-tld.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 885544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-fd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTyGUWWsTboFNHMLA788LmbnMILV9G8xK0Vg7mINOesVYB%2BQI%2FVW8IPZQMEj7X9nXrvwI73jtZNIeHA6gvF4DcHHrcsY14fZAkB9wqAJXSRYTv9bJTevdNeUCvD1FapnxQbxUwpKBqBC2voVBXntHhTW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 778ebefa2c929b69-FRA
expires: Sun, 03 Dec 2023 12:36:32 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 97ms
97ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.7.0/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://emprestimosim.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
date: Tue, 13 Dec 2022 12:36:33 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

120 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.emprestimosim.com.br/	1970-01-20 10:18:30	Name: _gcl_au Value: 1.1.56201159.1670934988
.emprestimosim.com.br/	1970-01-20 17:44:54	Name: _ga Value: GA1.3.943864603.1670934988
.emprestimosim.com.br/	1970-01-20 08:10:21	Name: _gid Value: GA1.3.1269956902.1670934988
.emprestimosim.com.br/	1970-01-20 08:08:55	Name: _gat_UA-145849331-2 Value: 1
.bing.com/	1970-01-20 17:30:30	Name: MUID Value: 300CD7B072606F4A31A4C5C973EB6E45
www.clarity.ms/	1970-01-20 16:54:30	Name: CLID Value: 72e29a923de349b9a67a68e79fb2590c.20221213.20231213
.criteo.com/	1970-01-20 17:30:30	Name: uid Value: e8792f7f-ee7c-446c-88f1-1bd4cb39e0b6
.emprestimosim.com.br/	1970-01-20 16:54:30	Name: _clck Value: xn6b7t\|1\|f7d\|0
.emprestimosim.com.br/	1970-01-20 17:38:18	Name: cto_bundle Value: -Sr7hF9melR0aGpQaFdFaTM2ODZ1MGM1ZUlpd1NEajJEZUtOZnBtZ1ZFOGhSdGE2SngxUXhZOXUwNU5CTzZRVXZWam9PeFpLVTZQTEpTRkNsQ0E1bjVBdkgwZFJ3Ykc0cFZvWXRZYURQaHVxUTRxMlZIM1hJdmVRZ2NieHVybGpsNU52OWRvNW5YVXJIOExqJTJGeXFvdXJESWlrYTZ3WTZrWjdaRFhHa2M1TjA1OWJlWSUzRA
.emprestimosim.com.br/	1970-01-20 10:18:30	Name: _fbp Value: fb.2.1670934988136.1916111849
.emprestimosim.com.br/	1970-01-20 17:44:54	Name: smc_uid Value: 1670934988241704
.emprestimosim.com.br/	1970-01-20 16:54:30	Name: smc_tag Value: eyJpZCI6NDkyMywibmFtZSI6ImVtcHJlc3RpbW9zaW0uY29tLmJyIn0%3D
.emprestimosim.com.br/	1969-12-31 23:59:59	Name: smc_session_id Value: jJ9naYFE2yXQF8UiRXL6zwITLYOmMZMq
.emprestimosim.com.br/	1970-01-20 08:10:21	Name: _clsk Value: 1rntmqy\|1670934988359\|1\|1\|k.clarity.ms/collect
secure.afilio.com.br/	1970-01-20 08:18:59	Name: AWSALBCORS Value: rDRrkYdmWt+Tg7d2R+jQQylv6ZRdsbAzTvIJehjm2j51lVBeYqMPlkUXevCN0jBEnAood0eYbLhgeh3IAVuoKReh5xki8zkQJYsZSgZIWfx2kTVEpjzCYwMBDImk
.emprestimosim.com.br/	1970-01-20 17:44:54	Name: smc_refresh Value: 25785
.emprestimosim.com.br/	1970-01-20 08:10:21	Name: _uetsid Value: c3f6ddc07ae211ed849531962f58303c
.emprestimosim.com.br/	1970-01-20 17:30:30	Name: _uetvid Value: c3f70f607ae211ed962637bc35ff9d4d
emprestimosim.com.br/	1970-01-20 08:08:56	Name: tt_c_vmt Value: 1670934989
emprestimosim.com.br/	1970-01-20 08:08:56	Name: tt_c_c Value: direct
emprestimosim.com.br/	1970-01-20 08:08:56	Name: tt_c_s Value: direct
emprestimosim.com.br/	1970-01-20 08:08:56	Name: tt_c_m Value: direct
emprestimosim.com.br/	1970-01-20 17:44:54	Name: _ttuu.s Value: 1670934988790
.yahoo.com/	1970-01-20 16:54:52	Name: A3 Value: d=AQABBMxxmGMCEL3bf0GSvHCm82SghcT9opwFEgEBAQHDmWOiYwAAAAAA_eMAAA&S=AQAAAgPSqrXkJxJgAf920W5sSBo
.tt-14643-9.seg.t.tailtarget.com/	1970-01-20 08:52:06	Name: trk Value: slyVdF6jrUHmKjnVi+jUpqTkuz0Kr/WAaH74OP6yEoaTze3Eut8DxVTTSPbC35Ke
.t.tailtarget.com/	1970-01-20 08:11:47	Name: _ssc Value: y
emprestimosim.com.br/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 3756db74158892de0b64b5bebacae1ef
emprestimosim.com.br/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 3756db74158892de0b64b5bebacae1ef
.t.tailtarget.com/	1970-01-20 16:54:30	Name: u Value: fwAAAWOYccwA8QagC0wWAgB=
.emprestimosim.com.br/	1970-01-20 17:44:54	Name: smc_tpv Value: 1
.emprestimosim.com.br/	1969-12-31 23:59:59	Name: smc_spv Value: 1
.emprestimosim.com.br/	1970-01-20 17:44:54	Name: smc_sesn Value: 1
.emprestimosim.com.br/	1970-01-20 17:44:54	Name: smc_not Value: default
emprestimosim.com.br/	1970-01-20 16:54:30	Name: tt.u Value: 0100007FCC719863A006F10002164C0B
.doubleclick.net/	1970-01-20 17:30:30	Name: IDE Value: AHWqTUn9JccNpEULTuhmI0WhAXoiQn37tY7hTGBmz2eL_fzim7WWREZrOG-UNK8-
.t.tailtarget.com/	1970-01-20 08:52:06	Name: ttbprf Value: _berlin_land berlin_de_1670934989106_1358891721
.t.tailtarget.com/	1970-01-20 08:08:56	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 08:52:06	Name: ttnprf Value:
emprestimosim.com.br/	1970-01-20 08:10:21	Name: tt.nprf Value:
.emprestimosim.com.br/	1970-01-20 08:53:33	Name: user_unic_ac_id Value: f1e40dab-16b8-f74b-0998-82e7c2a67d10
.emprestimosim.com.br/	1970-01-20 08:53:33	Name: advcake_trackid Value: db87e202-5c15-955e-3863-fe5a9cee9a73
emprestimosim.com.br/	1970-01-20 16:54:30	Name: blueID Value: 6c5189db-ddcb-44b9-83e0-09e760b0d2de
.tt-14643-9.seg.t.tailtarget.com/	1970-01-20 08:08:58	Name: ttca Value: CA28591_1670934989
.t.tailtarget.com/	1970-01-20 08:52:06	Name: n Value: 1670934989
.tiktok.com/	1970-01-20 17:30:30	Name: _ttp Value: 2IrLvzJlAJghidqLXE4yXPHSBJN
.getblue.io/	1970-01-20 16:54:30	Name: ckid Value: CCEF374C-BDE5-47DD-9CA3904D489EEEA7
.emprestimosim.com.br/	1970-01-20 17:30:30	Name: _tt_enable_cookie Value: 1
.emprestimosim.com.br/	1970-01-20 17:30:30	Name: _ttp Value: e7ad1303-efa7-4d8d-a714-fe4955a05298
.adnxs.com/	1970-01-20 10:18:30	Name: uuid2 Value: 7997888596615906682
.media.net/	1970-01-20 16:54:30	Name: visitor-id Value: 3139365919172190000V10
.media.net/	1970-01-20 08:52:06	Name: data-c-ts Value: 1670934991
.media.net/	1970-01-20 08:52:06	Name: data-c Value: k-IQx3QTtxfH7zkuTYykwnpSPUNHwqhXM_lMf5pg~~3
.casalemedia.com/	1970-01-20 16:54:30	Name: CMID Value: Y5hxz9OOiDrYSnlG6wJ3wAAA
.casalemedia.com/	1970-01-20 10:18:30	Name: CMPS Value: 5178
.casalemedia.com/	1970-01-20 10:18:30	Name: CMPRO Value: 5178
.c.bing.com/	1970-01-20 17:30:30	Name: SRM_B Value: 300CD7B072606F4A31A4C5C973EB6E45
.360yield.com/	1970-01-20 10:18:30	Name: tuuid Value: bd48c639-a272-49b0-8563-e3c391e7947d
.360yield.com/	1970-01-20 10:18:30	Name: tuuid_lu Value: 1670934991
.bidswitch.net/	1970-01-20 16:54:30	Name: tuuid Value: 4d096806-d7bf-4e88-b670-6426c6006b99
.bidswitch.net/	1970-01-20 16:54:30	Name: c Value: 1670934991
.bidswitch.net/	1970-01-20 16:54:30	Name: tuuid_lu Value: 1670934991
.casalemedia.com/	1970-01-20 10:18:30	Name: CMTS Value: 1143
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 17:30:30	Name: MUID Value: 300CD7B072606F4A31A4C5C973EB6E45
.c.clarity.ms/	1970-01-20 08:08:55	Name: ANONCHK Value: 0
.360yield.com/	1970-01-20 10:18:30	Name: um Value: !38,7pP0qgAY8Lqup9K438URgFBCwYk4TDiOoOoMj0qmXrntAYLTpHAFc-Pa86C4wr32JG4meCOK,1678710991
.360yield.com/	1970-01-20 10:18:30	Name: umeh Value: !38,0,1733142991,-1
.demdex.net/	1970-01-20 12:28:06	Name: demdex Value: 43332205436012666442320129856365490712
.analytics.yahoo.com/	1970-01-20 16:54:30	Name: IDSYNC Value: 18zh~28to
.dpm.demdex.net/	1970-01-20 12:28:06	Name: dpm Value: 43332205436012666442320129856365490712
.id5-sync.com/	1970-01-20 08:08:55	Name: cf Value:
.id5-sync.com/	1970-01-20 08:08:55	Name: cip Value:
.id5-sync.com/	1970-01-20 08:08:55	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:08:55	Name: car Value:
.id5-sync.com/	1970-01-20 08:08:55	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:08:55	Name: callback Value:
exchange.mediavine.com/	1970-01-20 08:29:04	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22c57b40a0-7ae2-11ed-b210-372b9169c978%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:29:04	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22c57b40a0-7ae2-11ed-b210-372b9169c978%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:29:04	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22c57b40a0-7ae2-11ed-b210-372b9169c978%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:29:04	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22c57b40a0-7ae2-11ed-b210-372b9169c978%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:29:04	Name: criteo Value: %7B%22id%22%3A%22k-g4_B2DtxfH7zkuTYykwnpSPUNHw24iOzcSMDkg%22%2C%22version%22%3A%22criteo%22%7D
.krxd.net/	1970-01-20 12:28:06	Name: _kuid_ Value: PQVsLtvh
gml-grp.com/	1970-01-20 17:44:54	Name: CEK Value: a
gml-grp.com/	1970-01-20 10:18:30	Name: XYZ Value: 120&0&148&&&&0&1&&859fd5da-a886-451a-8f6a-e93eecb24f5b&&a_15474b_1238&
gml-grp.com/	1970-01-20 10:18:30	Name: A_1238 Value: a=1238&r=0&fv=0&lv=0&vc=0&fc=20221213&lc=20221213123631&cc=1
gml-grp.com/	1970-01-20 10:18:30	Name: PM_20 Value: c=&s=15474&ad=1238&md=0&pm=20&d=20221213123631&ip=2890333041&r=0&ref=https://redirect.lista10.dev/&RedirectParams=btag%3da_15474b_1238c_%5bCustomMergeFields%5d%26siteid%3d15474
.iqbroker.com/	1970-01-20 08:53:33	Name: IsRestrictedCountry Value: false
.iqbroker.com/	1970-01-20 08:53:33	Name: IsRegulatedCountry Value: true
.iqbroker.com/	1970-01-20 08:53:33	Name: Country Value: de
.iqbroker.com/	1970-01-20 08:53:33	Name: CountryID Value: 78
.iqbroker.com/	1970-01-20 08:53:33	Name: aff_model Value:
.iqbroker.com/	1970-01-20 08:53:33	Name: aff_ts Value: 2022-12-13T12:36:31Z
.iqbroker.com/	1970-01-20 08:53:33	Name: AffTrackGroup Value: Black_team_(partnerka)
.iqbroker.com/	1970-01-20 08:53:33	Name: Serv Value: NL
.iqbroker.com/	1970-01-20 08:53:33	Name: AppID Value: id871125783
.iqbroker.com/	1970-01-20 08:18:59	Name: brand_id Value: 1
.iqbroker.com/	1970-01-20 08:53:33	Name: platform Value: 9
.iqbroker.com/	1970-01-20 08:53:33	Name: client_platform_id Value: 9
.iqbroker.com/	1970-01-20 08:53:33	Name: support_email Value: support@eu.iqoption.com
.iqbroker.com/	1970-01-20 08:53:33	Name: company_id Value: 1
.iqbroker.com/	1970-01-20 08:53:33	Name: IsAppStoreCountry Value: true
.betano.com/	1970-01-20 08:08:56	Name: __cf_bm Value: hO2bz0CvUSmXiLOKxnLiXS7PINwDGHsD4UifaiKZ8TI-1670934991-0-AVb9PAU1z9NWxPk8PNaQWmJl/ZK+4uSltI7vJmNEBmJF6Me3U96vs4oa2bxQGUNUyhJ60Wi6qjI7vwCOEBpo/S0=
.iqbroker.com/	1970-01-20 08:53:33	Name: landing Value: /lp/mobile-partner/pt/
.iqbroker.com/	1970-01-20 08:53:33	Name: RedirectDomain Value: iqoption.com
.iqbroker.com/	1970-01-20 08:53:33	Name: RedirectDomains Value: iqoption.com,iqtrading.asia
.sddan.com/	1970-01-20 08:08:55	Name: techcookie Value: 1
.sddan.com/	1970-01-20 08:08:56	Name: newu Value: 1
.sddan.com/	1970-01-20 16:54:30	Name: SDDAN Value: 20221213_38cf48ad26f08551779b2a6ff63093e7
.adnxs.com/	1970-01-20 10:18:30	Name: anj Value: dTM7k!M4.FD>6NRF']wIg2C%yuz1h.!]taP8i_il:meQ!2xnqQ_eFW$aZ`^vTHhOD^+3bMQqwsdYXu^LQ5V7IZ8u^yYYj4Rey1D?<QG=%9sk@3@'s>TRW8/W
.pixel.adensemble.com/	1970-01-20 16:54:30	Name: v Value: t
.pixel.adensemble.com/	1970-01-20 16:54:30	Name: co Value: 10028:1807:1807:1
.fulllab.com.br/	1970-01-20 16:54:30	Name: language Value: en-US
.fulllab.com.br/	1970-01-20 16:54:30	Name: screenResolution Value: 1600%3B1200
.fulllab.com.br/	1970-01-20 16:54:30	Name: timezone Value: Etc/Unknown
.fulllab.com.br/	1970-01-20 16:54:30	Name: platform Value: Win32
.fulllab.com.br/	1970-01-20 16:54:30	Name: adBlock Value: false
.fulllab.com.br/	1970-01-20 16:54:30	Name: fp Value: 73bd7325e6ae7c99f7b8eb854c6bd124
.fulllab.com.br/	1970-01-20 16:54:30	Name: lastUrl Value: https://emprestimosim.com.br/
.fulllab.com.br/	1970-01-20 16:54:30	Name: lastVisit Value: 1670934993162
.emprestimosim.com.br/	1969-12-31 23:59:59	Name: smct_session Value: %7B%22s%22%3A1670934989254%2C%22l%22%3A1670934993254%2C%22lt%22%3A1670934993255%2C%22t%22%3A5%2C%22p%22%3A5%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://altopd.com/lod Message: Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9568187.fls.doubleclick.net
a.twiago.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
advcake.dataroyal.com.br
affiliate.iqbroker.com
altopd.com
analytics.tiktok.com
api.soclminer.com.br
b.t.tailtarget.com
bat.bing.com
beacon.krxd.net
br.betano.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.adform.net
cm.g.doubleclick.net
cms.getblue.io
code.jquery.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.tailtarget.com
d2d7do8qaecbru.cloudfront.net
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
emprestimosim.com.br
event.getblue.io
exchange.mediavine.com
firehose.eu-west-1.amazonaws.com
gml-grp.com
googleads.g.doubleclick.net
gum.criteo.com
hitbr.acstat.com
ib.adnxs.com
id5-sync.com
img.metaffiliation.com
iqbroker.com
js.cookieless-data.com
js.sddan.com
js.smct.io
k.clarity.ms
ls.smct.co
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pips.taboola.com
pixel.adensemble.com
pixel.rubiconproject.com
pixel.rubiconredirect.com
plugins.soclminer.com.br
pubads.g.doubleclick.net
r.casalemedia.com
rd.afftrack.pro
redirect.lista10.dev
rtb-csync.smartadserver.com
rtg.admasters.media
rtgpix.com
s.thebrighttag.com
scripts.prdredir.com
scripts.rubiconredirect.com
secure.adnxs.com
secure.afilio.com.br
smct.co
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.tailtarget.com
tags.fulllab.com.br
tags.t.tailtarget.com
trc-events.taboola.com
trc.taboola.com
trk.datnova.com
tt-14643-9.seg.t.tailtarget.com
ups.analytics.yahoo.com
use.typekit.net
visitor.omnitagjs.com
widget.getblue.io
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.rtb123.com
x.bidswitch.net
104.156.53.91
104.18.33.19
13.248.245.213
13.32.27.69
13.59.93.104
138.197.230.29
141.226.224.32
141.226.228.48
142.250.186.34
144.126.250.218
151.101.129.44
162.19.138.118
172.217.18.102
177.54.158.78
178.250.0.163
178.250.2.146
18.158.8.202
18.196.238.199
18.66.112.106
184.31.94.14
185.117.134.138
185.255.84.153
185.86.137.133
185.89.210.180
185.89.211.116
192.229.220.129
20.234.93.27
20.96.88.162
2001:4de0:ac18::1:a:3a
212.82.100.181
23.218.209.56
2600:1f18:612b:4216:7c0:9dd:bfc5:265a
2606:4700:10::ac43:47d
2606:4700:20::ac43:494b
2606:4700:3030::ac43:a84c
2606:4700:3037::ac43:83bb
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6811:5459
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9d
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
2a04:4e42:600::300
2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc
2a06:98c1:3120::3
2a06:98c1:3121::3
3.126.56.137
34.102.185.99
34.117.157.22
34.252.45.249
35.158.195.201
35.158.31.44
35.201.123.184
37.157.3.20
44.207.128.163
45.60.156.148
51.15.145.116
51.158.28.82
52.151.244.28
52.213.249.147
52.215.57.152
52.28.121.127
54.155.179.95
54.194.160.80
54.207.14.86
54.84.230.86
54.94.210.1
67.225.220.126
69.173.144.138
70.42.32.159
74.119.119.150
85.215.5.31
88.221.168.23
95.101.111.42
99.80.34.209
01051be053fcedd16a6ab6e7acc66608d4fbfb681cce4bea94acdd437d394df1
017217e952a763a6a3ac2688bb3c1c17db0a42721148434b9060158bd08716d6
020d991f34b25255c5d3b70e6936745189ff0b2dbb2409382a50af9d1bdf5502
0289df6d8a98866dd09b9d68b94d02404c1b9eda01f611ae94916e233fe5a2a4
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0a17f2383b1d0325e3f2821e832dd80e1de6082138e6065cf787854ea0fd24b1
0ac0382afb6d983dfb68e53f364f83257eadfe62c2d799dd70bf3433e6ccc9a8
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
11781d4a79b15cefd494f991271b75af68587a9f500bfdc4d6ce6e4b3f312d93
1324fd77be8e7aff037ca9c9c92a7860070d3a2e87e331f4c71703db9704494b
154df4d58a18edec050ea45bbd511d77e998225611942cee6d0cf50bb3ab528f
18db69f82e97b7e73d6408effc8ff565de7bed09a33e404843c285ceddb98169
1b5adad44292630e0d6c054fd31c83d7eb9867d18efc1c91890b41c82c5fd4f4
1d121dba61f66283c750f65d6d81811a4de81e934c2b88af484e20ea0b47d0ca
1e3f3348061152da9d210c6fcae26f029597a30ced0672d6c1298e904f8aba9b
223d43b797419fd715d2451cb10077fc553e514070db8b8fb5a1806d3f415c2f
24bbed54671f8706b6d7248bb2fdac582f054af3555db5cbdfe6fb014f9ba2d8
262544d8f2c6c0b749c689b2bb55324ce29dc8110be4e432472502ec3092ed66
26ffdc4c21800007afa59f4958232ceb5b7ee1c74daf7f283117a13387346b74
27dba2b70cdfbd8515b54e106a35a9a4786a5f7cddde8c6959a023f7a0b4c1fc
2c139dce7a5a53e47320a329f7f6a601c8a5ce2cc928043e25fcea7c02012dbf
30b8145cedecf855dee3ee3327fbe526290db03fdfeaaaa4d1bdc72e067a8cb5
32850ce957f8bf73923468dfed25d6f1c06e5ac02b7ce47c26084b2e2f697531
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3330c8a22c1f813b5b0e27fb8f66d3b712635344b270f3ef84690f7066ffdcdc
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
39f6c4ef5a24d1f3dddc23de1255fcc54dd65dad02044948740f7d7d01aa1737
3c3c5d5715fee6057604b4028256d879205976653574579498a4ee89be8e1361
3c6cec6628557ba65b64602b46d48d3d34854ac0470dcc089e93e8f161a105c3
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
41f40556d764448a5c8220598ddf5c7df825bced46014dbca751e80e3b3d429e
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
4234bf083c1466c6b8153cbe8d76bf6c652374b71acfb880a1ea164d2ad936f7
4317e231a7157037a52d4e3a41145929f0321421001ccf5a1258158421a714db
448008a6708ac97a70baa6324eab7ee618962cdac0648ecd196929be76ec3798
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6f82250c1c112b470293e7f7a2f4b8211ab930bfeaf34f41395d5f0ec5176c
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4c0fc46e9c98ea5580cc72895140b9df71a21956c6420cfbd21d30a8d99cb175
4c1bf4b3e0d3235bfb1498486e6902c33f46638801c3e951eb7a41964da25175
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe246805c58db47f4fc6e4c52c84f6428bbff27f0f2b3bf53992841adea84e9
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53460b547a39f81deaf55102e0126a4678032111428eb840219a282dda9539cb
538b813052e0b3d5e81444ad3de25fd80ea756ed216eed76d1bb3f9e2d6d6a1d
53dff34932317bec198151ded94e5149834b6b757b038338ffc54b02f5132068
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
5570b3ba28f76bbcb5367d8c385aa564f4baaa04969eb2ea2dc7542132a27953
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57e701a602643839c5053dc0afebfa3249366b35f16e133d9906fc0291c30ae2
593002b12f725c709d6d479d2b73756dd7e798211049aeafca0ac5d99d204c78
5b92a408bbe994550b7055a07066d79ec13a646062d36f046dbd84a9d59e86e1
5bec07035b8d8469d3375ec0326b9ac991688b3a0b057b084afd76c2108de386
5df9635947ba9213f751fe1259ad41101c88e867a5911aad803515b81ed2ff2d
601a386e28bbb4213c034af26ca40aafd221948f47b65d45c4d6199135074df3
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26
656442384ce64a2a180dc5e9665423b59a42d805c057710019f1486776d6ae34
67633d2dcfbe1616260f020b61f5127932f02b3b5213c0724c853f4f9cd06530
67925e0981eb9ab751c2a24fa45963bd849755f71a59649cf0085d1e88e85a8f
69951e457a34a143d2c9dc0cfbe6897d55584c73f321ff3ab9d8f2ad390341d9
6b7fe2019fa4dfc6f49c95484cb7a05501450530c897c26daee45487dfc29b5b
6bb7382e03f8ab0dc4a5caf5063c2386d8dbd4269fc75ec1f45dc6295f6fb34c
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
6fd6aa6976533618f4f0b4d0bdca57d1b3b4f480574dd21f70db079ee4a55c4e
6fe7efed9a4312e1ab71d3610d45a086e045ffa27aa7794581ffdaa22fe557a7
70d3488c2f6aa74fae0bead6cba1dd40a175b1de0c60ca33709a9cf692c5f1f5
712d764046bbcaae7b93ad4bc8adaf8536a1d0ecec35d046abe05d9d5738af2e
72ca11f74554c7586dfd8d54aee79f8a262f2d3baf47d600330bc1260da626d7
733f585573cedfe24ab328e1c9ba6a650f04e81409837bdc5aaeaeef87283f7e
75e39f710094385f3fee0e9450350f07b46d2d7b6891557b5e2865d24483c9cd
76ed43e621b06fa7cde94105f662d4a39bcd4385ec8218082fa9cbdaf52d521e
7ac192b8115fbcef3996d67b90ff770d8acadc71b3aff1e13c6d24976a7431da
7c1127ab09532b04b8088a9801ba881e917c74c4b3ebfbf8d77fc5fefec73e94
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
811f04f4d99edcc0ba3e9c61ba72220e299bcb117e8e8029950908a44d6d5bab
82bf82d63f3199a81248b22e24bee9893f9f8b2d7b022e4d8612dd5a9a4417ec
82c2b4a4fe4256e2bb0463b4f47f222161b0fb48ef8b035de1474dd1c09d70ce
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860b60f32ca476d40d12845b051dec5475ced8121cd5cef783f722454b42c989
86ca0956287bf33bf7c403d72fe2fade985d7af3ac007aa32fd93c2a175f666e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9001f43803914fb0df54bfc90f6ce0def0d255eb925c6a6b0039e94313faf352
906f1519144dec1b6088b2105b72640bc60972be0809c6675853a99dcc2a453f
94ee15e67f3a55694274ff85a7dfe4ec199eff3f7657f5a875d3d8d1a42d4ec6
94f2e31b1de367b000410147692f93d535026efc37bb24aa15996c0e89e89f0d
96b96ca4e564e5b62f118eba03fa06368eaac3de585b896d7cc1c720bd56022b
9711ddfdd2e8405d2fea76cd29390ccf53df04e7a37298e23adfa91f2c78bd2b
99b9b5bf1a7bdef4dd05098794e94d501398d874d23473197561f5bfa3b1831b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a1c4dafff3710b5ad239d1a0159c5c8eee97c9c82689f49e008bf9a4f58f9c9
9dcdce0810d592c3191f6bec0d18245d5f75e1d20497d0f3218964c8ca2cf8d2
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a27f1bcaa84d6877b3428acc9c8de4f053ad81448cc6bbecd5ec180a3e2095a8
a35088155b3b54456712bdb94de13525ceced4eb878d242ba7a201373e18e451
a367016d4901839a2fe40793d076f5f37f1329538bfc31701beb63e0253aae3b
a4b59340f5b448928a72cbb60cbaa273109fc3b84380429f7db4b53e81b5b446
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
a551120486d9e5ab3350b756b353aec977ce9e6136b03d7f99fb79b2d5a5734e
a91c86e5c32534f80979f376ff65f92e95c23f716e568ab52649c150fe599c59
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a12f61cf671652ec36bc718ba9972111b114b8544fdc989f1ee8eec475602a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4af1b8a1f71393d5004ded7319baf74d29d4f88d7917751adbf8b532d2b9f6d
b5040fe6d40543776d53964540a5ae4b627fedae92c6b33cd2eb37bbd17e00ec
b9282e9fdf9bd33668f3ed3d31c7d348d6054a20db89d3e2262bf6f017933c32
ba43671fe8efa561dc6d7c35d5dc8f95d9ec360c0d1d6c6f085a70dbef723b72
bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6ca7237fd2b9557a45cea307ecb486a0d89628fc57d04e493ec2c6b2e4f593
bc43f9a3e3eee1a86fc2d47139dbe26fa43cb5f09681e4496acd5808676f80a2
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
be005ce7104312aeda33300b76a1baded55fd069dc721cfb210629f5214b3b80
be1a2930c8532a8e3b43b5a444810e9b2138bc06968ef2c022e738b75a8fa062
bebfaca4ac090e3cc806a33d3c29a1abbfd2cd1eef46a74baf34029866511d7f
c099f9ff2e2d9c66d6494e80170d466341c0a589f8013a9a272d5e674623340f
c4d7bc627b01893985378a176a93ed353b71fd29ee2e808c18717d314a22d624
ca2e14e5d2ca26aaebea9e73ed042387237130ff0b86c2f02a360ddceb901f5d
cbd565a193580818e6deb0ba4878815e923894bc2cc0e001c54c62b756fc3546
ce00d5580940143695f7017110c37db7ec77599e061663cfa165a9f03cf0be67
ce4e69b18cf74d5fc83acb7707b2c16b8156391f9b2f29d232cb88b501288e92
cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00610ae800b21de15d523fdc8da0ff3ad35aa19c4847cdd4e300b3d5b694dc1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d26ab69896c0bc232b2e6190de9dc40d66c18ba197b61b31ab0b2327478c880e
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
d74f17825c2404f3cbee131720fc6a13c86f1aa5605adfb9db1c9bd1c39b1f01
d913a3ce24c14263a5e1ce227c5d62d30eb4a5ba50b5ccf9a9c0bb555c9ffd0f
d95b9c7865b16f294cec92b3bb2a699f855735681947db80069610d0564e628c
d99c6013719ea00b7ade92725c2832fce75561a151fce147e0b398585e79af6e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea610213dd6a48c90051eaca7494a5c022373265339da7049c4a7d8149bfc137
ed2e9e004b4613a50ef16adf30ab8f8185b0b5581248a44c4bb9476897d13973
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f38faad9febeaa4ffa814a63624d6450dc453184f24ca5e89bbb83a50e169a58
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f52a6582d8042b96bf6f47676986a1f5822e4dbbf6a9ebabc6b9d9ac75dd12dd
f76c3b40a881b6cb3e4289444573df84b893a6588fe980a5759681e8c237b764
f78dbb20e933032952cfe7002006d65514b22004bcd6e1bef02f15d4b949be91
f9eb6603ccb26ac659a34bed8265fdfda55fc07638e9ad17f0cbffa4e3a56144
fc7e6385a22749a8b3224a31b05f7cb995e2e62ab4af84ae526262af38c1753e
fd268501305ccbbf83c90fb6305d8f6ff21e8b010158c80229e155d214836625
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

emprestimosim.com.br Open in urlscan Pro 52.151.244.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

199 Requests

90 %HTTPS

33 %IPv6

70 Domains

101 Subdomains

86 IPs

10 Countries

1921 kBTransfer

3783 kBSize

120 Cookies

20 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

emprestimosim.com.br Open in urlscan Pro
52.151.244.28 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

90 %
HTTPS

33 %
IPv6

70
Domains

101
Subdomains

86
IPs

10
Countries

1921 kB
Transfer

3783 kB
Size

120
Cookies

199 HTTP transactions
3 data transactions