www.serasa.com.br Open in urlscan Pro
45.60.13.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.s11.exct.net/?qs=69000201a37e728b4c9897d65e5d76d88d32e658ef3e921a9c52f62c7b2e3704fff58147d647f3ca9b208d577237...
Effective URL:
https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=2021...
Submission: On November 24 via api (November 24th 2021, 5:26:45 am UTC) from SE — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 43 HTTP transactions. The main IP is 45.60.13.174, located in United States and belongs to INCAPSULA, US. The main domain is www.serasa.com.br.
TLS certificate: Issued by GlobalSign Organization Validation CA... on January 29th 2021. Valid for: a year.

This is the only time www.serasa.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.71.12 13.111.71.12	22606 (EXACT-7) (EXACT-7)
10	45.60.13.174 45.60.13.174	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
5	54.247.138.82 54.247.138.82	16509 (AMAZON-02) (AMAZON-02)
1	52.16.165.61 52.16.165.61	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
7	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
1	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
43	16

1 13.111.71.12 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: cl.s11.exct.net

cl.s11.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 45.60.13.174 (United States)

ASN19551 (INCAPSULA, US)

www.serasa.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.247.138.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.165.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-165-61.eu-west-1.compute.amazonaws.com

serasaexperian.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-11384-0.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tailtarget.com tags.t.tailtarget.com d.tailtarget.com tt-11384-0.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	25 KB
10	serasa.com.br www.serasa.com.br	381 KB
6	demdex.net dpm.demdex.net serasaexperian.demdex.net	8 KB
5	googletagmanager.com www.googletagmanager.com	189 KB
5	doubleclick.net 2 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	144 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	735 B
1	hotjar.io vc.hotjar.io	256 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	889 B
1	bing.com 1 redirects c.bing.com	538 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	adobedtm.com assets.adobedtm.com	53 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	exct.net 1 redirects cl.s11.exct.net	553 B
43	15

	Domain	Requested by
10	www.serasa.com.br	www.serasa.com.br
5	dpm.demdex.net	assets.adobedtm.com www.serasa.com.br
5	www.googletagmanager.com	www.serasa.com.br www.googletagmanager.com
4	tt-11384-0.seg.t.tailtarget.com	www.serasa.com.br d.tailtarget.com
3	securepubads.g.doubleclick.net	www.serasa.com.br securepubads.g.doubleclick.net
2	b.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.serasa.com.br d.tailtarget.com
2	cm.g.doubleclick.net	2 redirects
2	sb.scorecardresearch.com	1 redirects www.serasa.com.br
1	t.tailtarget.com	www.serasa.com.br
1	vc.hotjar.io	www.serasa.com.br
1	vars.hotjar.com	static.hotjar.com
1	cms.analytics.yahoo.com	1 redirects
1	c.bing.com	1 redirects
1	cm.everesttech.net	1 redirects
1	serasaexperian.demdex.net	assets.adobedtm.com
1	script.hotjar.com	static.hotjar.com
1	assets.adobedtm.com	www.googletagmanager.com
1	tags.t.tailtarget.com	www.serasa.com.br
1	static.hotjar.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.serasa.com.br
1	cl.s11.exct.net	1 redirects
43	23

This site contains no links.

Subject Issuer	Validity	Valid
*.serasaexperian.com.br GlobalSign Organization Validation CA - SHA256 - G2	`2021-01-29` - `2022-03-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Frame ID: 78701B4DAAFE8E5BA5CBE2ADEB77791E
Requests: 39 HTTP requests in this frame

Frame: https://serasaexperian.demdex.net/dest5.html?d_nsid=0
Frame ID: CAFA13F12D0EF4D77B73997D7B25644F
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: 887A86DE06656253C4545A99998A6C08
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Serasa Você Consulta – Serasa

Page URL History Show full URLs

https://cl.s11.exct.net/?qs=69000201a37e728b4c9897d65e5d76d88d32e658ef3e921a9c52f62c7b2e3704fff58147... HTTP 302
https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-n... Page URL

Page Statistics

43
Requests

86 %
HTTPS

25 %
IPv6

15
Domains

23
Subdomains

16
IPs

3
Countries

882 kB
Transfer

2981 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.s11.exct.net/?qs=69000201a37e728b4c9897d65e5d76d88d32e658ef3e921a9c52f62c7b2e3704fff58147d647f3ca9b208d5772378c6c2616771f1d8c314d837fa048e10b650e HTTP 302
https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://sb.scorecardresearch.com/p?c1=2&c2=34212218&cv=3.6.0&cj=1&gtmcb=1594938238 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=34212218&cv=3.6.0&cj=1&gtmcb=1594938238

Request Chain 25

https://cm.everesttech.net/cm/dd?d_uuid=54011205211920980321145738308321430313 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ3NCwAAADlVUgQE

Request Chain 26

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTQwMTEyMDUyMTE5MjA5ODAzMjExNDU3MzgzMDgzMjE0MzAzMTM= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTQwMTEyMDUyMTE5MjA5ODAzMjExNDU3MzgzMDgzMjE0MzAzMTM=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPG7Q-1kD4Ri9WUPAj8TwP8&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 27

https://c.bing.com/c.gif?uid=54011205211920980321145738308321430313&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1D3B1E54912964C6018E0EAD90FB659A

Request Chain 28

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=54011205211920980321145738308321430313&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-QzqSdHxE2pE4.tkzAoaqogW_0t3fVbq9ess-~A

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request voceconsulta Show response
www.serasa.com.br/
Redirect Chain

https://cl.s11.exct.net/?qs=69000201a37e728b4c9897d65e5d76d88d32e658ef3e921a9c52f62c7b2e3704fff58147d647f3ca9b208d5772378c6c2616771f1d8c314d837fa048e10b650e
https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscr...

8 KB
4 KB

439ms
392ms

Document
text/html

45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

9b25b6e52b6a3b537caf8bea07405f44be0f142dde76cdb7d90000725822ae64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
server: istio-envoy
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains
pragma: no-cache
x-envoy-upstream-service-time: 1
content-encoding: gzip
date: Wed, 24 Nov 2021 05:26:35 GMT
cache-control: private, max-age=86400
etag: W/"6166e867-1e96"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: _DzOXg-pbk_aumCAvpkwPjSc5AQNolTW8MF1dGSyI5FTMwAANV-K1w==
x-cdn: Imperva
x-iinfo: 5-50461378-50461379 NNNN CT(1 5 0) RT(1637731594145 0) q(0 0 0 0) r(4 4) U5

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Date: Wed, 24 Nov 2021 05:26:34 GMT
Connection: close
Content-Length: 547

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 04:05:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 05:26:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 43ms
18ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1053 / 60 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
H2 200 styles.0c2b3978c4f1d9a9a04f.css
www.serasa.com.br/voceconsulta/ 70 KB
12 KB 114ms
113ms Stylesheet
text/css 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta/styles.0c2b3978c4f1d9a9a04f.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

9537228a7390ded06056f64481ba5681895157443435a795bc1016f358f67ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"6166e867-1184b"
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
x-iinfo: 5-50461411-50461379 PNNN RT(1637731594563 0) q(0 0 0 -1) r(1 1) U5
x-envoy-upstream-service-time: 1
pragma: no-cache
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
server: istio-envoy
x-frame-options: sameorigin
date: Wed, 24 Nov 2021 05:26:35 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: private, max-age=86400
x-amz-cf-id: 7_BVQYFSyBvjN3_1OjuzJVOmG294U1eU44qzb4e7i2bNhQoJUDTcLg==

GET
H2 200 runtime.02347977f8d27f44d1d3.js Show response
www.serasa.com.br/voceconsulta/ 2 KB
1 KB 402ms
401ms Script
application/javascript 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta/runtime.02347977f8d27f44d1d3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

7891943328a15875f48f306a119e39bbbc3676e6c96ae21bcd2c96fbd7bab313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"6166e867-7cd"
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
x-iinfo: 5-50461412-50461413 NNNN CT(4 11 0) RT(1637731594567 0) q(0 0 0 -1) r(4 4) U5
x-envoy-upstream-service-time: 0
pragma: no-cache
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
server: istio-envoy
x-frame-options: sameorigin
date: Wed, 24 Nov 2021 05:26:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: private, max-age=86400
x-amz-cf-id: 7hGzcz_vyhazo4wpJcDjRZG8nuGfhkgMGRgYWN5ZdeInJ3CNqOgY-g==

GET
H2 200 polyfills.84ff2aa33bec0100eda8.js Show response
www.serasa.com.br/voceconsulta/ 92 KB
31 KB 5582ms
5580ms Script
application/javascript 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta/polyfills.84ff2aa33bec0100eda8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

84589b2225a2853fe677a9d928699f2673c672152519eb75526719d75ac2183f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"6166e867-17129"
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
x-iinfo: 5-50461414-50461415 NNNN CT(3 9 0) RT(1637731594569 0) q(0 0 0 -1) r(56 56) U5
x-envoy-upstream-service-time: 0
pragma: no-cache
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
server: istio-envoy
x-frame-options: sameorigin
date: Wed, 24 Nov 2021 05:26:40 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: private, max-age=86400
x-amz-cf-id: 2_jNRaw6JgTRu4tkE-T2Eh8Zk0cUSTqCfA5Dq0GTAtvsUWP_aHipsw==

GET
H2 200 scripts.b900aacb01423877a041.js Show response
www.serasa.com.br/voceconsulta/ 30 KB
10 KB 319ms
318ms Script
application/javascript 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta/scripts.b900aacb01423877a041.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

b90ec58554780843c6686b464c7ae1bd37eb89207c2cfc72ac73a359d84f40a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"6166e867-76fe"
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
x-iinfo: 5-50461416-50461417 NNNN CT(3 8 0) RT(1637731594572 0) q(0 0 0 -1) r(3 3) U5
x-envoy-upstream-service-time: 0
pragma: no-cache
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
server: istio-envoy
x-frame-options: sameorigin
date: Wed, 24 Nov 2021 05:26:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control: private, max-age=86400
x-amz-cf-id: WpUvH-r_SSmnt3WgSwqMXyFWCYUr2K7gdqJkhbjfqhMRMJO3ZK8mDg==

GET
H2 200 vendor.3f6a395a0a89ccf9402e.js Show response
www.serasa.com.br/voceconsulta/ 881 KB
227 KB 313ms
312ms Script
application/javascript 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta/vendor.3f6a395a0a89ccf9402e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

3b6137fd8344f5cb3a0dbcba443f2792e51dc4773c4350284a8ef1383cfbe8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"6166e867-dc3e4"
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
x-iinfo: 5-50461418-50461419 NNNN CT(2 9 0) RT(1637731594573 0) q(0 0 0 -1) r(3 3) U5
x-envoy-upstream-service-time: 51
pragma: no-cache
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
server: istio-envoy
x-frame-options: sameorigin
date: Wed, 24 Nov 2021 05:26:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: private, max-age=86400
x-amz-cf-id: MHHWZdKtohifCHBsmyNYQBbwvA3pFQMz9pmTBscDsMqJ7ZZ2cF1o6g==

GET
H2 200 main.ea69bd171ac404af5712.js Show response
www.serasa.com.br/voceconsulta/ 28 KB
9 KB 419ms
419ms Script
application/javascript 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta/main.ea69bd171ac404af5712.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

a6d13bf2e9ab51fd52e0409a95d07282c930b170e00f27b76775afdff4190690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"6166e867-6e16"
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
x-iinfo: 5-50461420-50461421 NNNN CT(1 6 0) RT(1637731594575 0) q(0 0 0 -1) r(4 4) U5
x-envoy-upstream-service-time: 1
pragma: no-cache
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
server: istio-envoy
x-frame-options: sameorigin
date: Wed, 24 Nov 2021 05:26:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control: private, max-age=86400
x-amz-cf-id: 61eSr0OVPdUICJMD9I4a87tNFjKxjCUOluMo4uXRuwQh1WsKVTOtDA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
32 KB 46ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNGZVQ9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0e66f7f506976563ebfd9cac605cccf7494b8531394d74f642872d6c4d5b988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32561
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 529a5136f7d9ae0138eb2ce9d21cbfeb3861005e198baef39b8ccdf299eda8c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 24ms
23ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 74 B
102 B 32ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.serasa.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9cd4e0805f3fdb3fd9c7729a3493f017d6125b6b5b09f0a12a641be4943eab08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77
x-xss-protection: 0
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
33 KB 45ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W98LHSJ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNGZVQ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3781fb5c6c429421782f99098df8ea23b26f1574930b76a214e447ac0a98ad5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33269
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
63 KB 51ms
37ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TF9QJN7&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNGZVQ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6656f2df2bcdac7c90e381ad7db51c87e7ed737244ec98bfec3b1bd07e6be48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64413
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
33 KB 54ms
40ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MX2ZCJD&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNGZVQ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31791964995fa9335affcc405ef7639a855ef4b687ea0bf22cea3f4ee5950416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33250
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 47ms
34ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7B9W9P&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNGZVQ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a14a5ab0d05064625f42c48d57eba1ec31782a7a345cd7bde81b0ac03867057f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29676
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 05:26:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.serasa.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 402407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 200 hotjar-1030283.js Show response
static.hotjar.com/c/ 13 KB
4 KB 57ms
37ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1030283.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF9QJN7&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-29.fra50.r.cloudfront.net

Software

Resource Hash

22071d7b895ac344c5077db8d8fd13c31c8228df1dbb05b3fd7b7507fe3fb999

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/465ffe093653fcdf9f3c9f30e1ebc85b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: XZBtVSsAjVsPh1dHJhI-2bHaWKOakS5k_J7J5oAbbHP8Shp3WglWXQ==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=34212218&cv=3.6.0&cj=1&gtmcb=1594938238
https://sb.scorecardresearch.com/p2?c1=2&c2=34212218&cv=3.6.0&cj=1&gtmcb=1594938238

64 B
329 B

11ms
10ms

Image
image/gif

143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=34212218&cv=3.6.0&cj=1&gtmcb=1594938238
Requested by: Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Protocol: H2
Server: 143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-82.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: p4vSywEL1R5BEHt_fURtK76OcvcGyyyu1i6fxrl1lGm5in_pJ8Cp_Q==

Redirect headers

date: Wed, 24 Nov 2021 05:26:35 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=34212218&cv=3.6.0&cj=1&gtmcb=1594938238
content-length: 105
x-amz-cf-id: 8IIDCQnyHPZhG3CShzhI0InlaePvHcLEt1W_ttWCMgBOfh8RsOtWXA==

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 22 KB
7 KB 119ms
95ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-11384-0/CT-1248
Requested by: Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 65f502d54483d3fe0e9a208456cfd68007be5a2922e09252b5941c11d7a91ffa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdsjpMjv_QQj9AdLpkdug8u5Tx_IRuzdBuu1MOIVN_M32P4Ke1aMoRCpIxPxbQY4W32Ac880DKMSouKPmShikDLd33q4YQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6786
last-modified: Wed, 10 Nov 2021 20:41:30 GMT
server: nginx/1.8.1
etag: "3fc6125bea4bf3ea2184d031201e0d00"
vary: Accept-Encoding
x-goog-hash: md5=P8YSW+pL8+ohhNAxIB4NAA==
x-goog-generation: 1636576890673417
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 6786
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Nov 2021 07:26:35 GMT

GET
H2 200 launch-EN9f2728f0a5744467abe65de7c4154b37.min.js Show response
assets.adobedtm.com/ 175 KB
53 KB 54ms
7ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN9f2728f0a5744467abe65de7c4154b37.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2ZCJD&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 15177b56689fc26ff29eb4d6d07556fb01c27d53033019cf801a91694ca159e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:35 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 13:21:23 GMT
server: AkamaiNetStorage
etag: "424c4b19d39e0428673b69bd50155e4e:1628774483.775531"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.serasa.com.br
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 54228
expires: Wed, 24 Nov 2021 06:26:35 GMT

GET
H2 200 booster.js Show response
www.serasa.com.br/dmp/libs/v0.0.25/ 12 KB
5 KB 13ms
13ms Script
application/javascript 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/dmp/libs/v0.0.25/booster.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

10282b69d696651c8eff188cd36b302ad41bebb0fc5a1d9804902e1087d1301e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 22:25:52 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 14:55:53 GMT
server: AmazonS3
age: 30082
etag: W/"ed8f37f886f6215eaf313322c1428e9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-iinfo: 5-50461432-50461379 PNNN RT(1637731594760 0) q(0 0 0 -1) r(0 0) U5
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: zlnoGk0FR-a0vBSqhlVYjANJbrHeXHCAi8ucWLcZiprquHdZpTcpkA==
x-cdn: Imperva

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 29ms
9ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1030283.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-104.fra50.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61169
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 82sXKx1_YF1wjtE4xp9qH42JpyZiOPFpQszyrsArej1PPbcqyYM91w==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 983 B
1 KB 153ms
34ms XHR
application/json 54.247.138.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=2436FCE859C0D3FA0A495C84%40AdobeOrg&d_nsid=0&ts=1637731595686

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9f2728f0a5744467abe65de7c4154b37.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6ee4a6a84f0c53f57ad4fa6892bf25037a1d2ae3f4048ef6cbbe474de07380f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.serasa.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v019-03035d387.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 7r2e0q71QkY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.serasa.com.br
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 531
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK dest5.html Show response
serasaexperian.demdex.net/ Frame CAFA 7 KB
3 KB 139ms
31ms Document
text/html 52.16.165.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://serasaexperian.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9f2728f0a5744467abe65de7c4154b37.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-165-61.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 24 Nov 2021 05:26:35 GMT
DCS: dcs-prod-irl1-1-v019-018c6da40.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 1 Nov 2021 10:01:09 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: ZkNJA3WJRO4=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YZ3NCwAAADlVUgQE
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=54011205211920980321145738308321430313
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ3NCwAAADlVUgQE

42 B
945 B

36ms
35ms

Image
image/gif

54.247.138.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ3NCwAAADlVUgQE

Requested by

Protocol

HTTP/1.1

Server

54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-006eac0f9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yclxIn7bTIw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ3NCwAAADlVUgQE
Date: Wed, 24 Nov 2021 05:26:35 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPG7Q-1kD4Ri9WUPAj8TwP8&google_cver=1
dpm.demdex.net/ Frame CAFA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTQwMTEyMDUyMTE5MjA5ODAzMjExNDU3MzgzMDgzMjE0MzAzMTM=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTQwMTEyMDUyMTE5MjA5ODAzMjExNDU3MzgzMDgzMjE0MzAzMTM=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPG7Q-1kD4Ri9WUPAj8TwP8&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

39ms
38ms

Image
image/gif

54.247.138.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPG7Q-1kD4Ri9WUPAj8TwP8&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serasaexperian.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0d891b5f4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +WAQfiRtRsU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 05:26:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPG7Q-1kD4Ri9WUPAj8TwP8&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=1D3B1E54912964C6018E0EAD90FB659A
dpm.demdex.net/ Frame CAFA
Redirect Chain

https://c.bing.com/c.gif?uid=54011205211920980321145738308321430313&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1D3B1E54912964C6018E0EAD90FB659A

42 B
945 B

35ms
35ms

Image
image/gif

54.247.138.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1D3B1E54912964C6018E0EAD90FB659A

Requested by

Protocol

HTTP/1.1

Server

54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serasaexperian.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-09136a7c7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mG0IoF8NRCE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 05:26:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E165A333FDE744859B8C6B84B13E5EA5 Ref B: FRAEDGE1216 Ref C: 2021-11-24T05:26:36Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1D3B1E54912964C6018E0EAD90FB659A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame CAFA
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=54011205211920980321145738308321430313&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-QzqSdHxE2pE4.tkzAoaqogW_0t3fVbq9ess-~A

42 B
951 B

35ms
35ms

Image
image/gif

54.247.138.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-QzqSdHxE2pE4.tkzAoaqogW_0t3fVbq9ess-~A

Requested by

Protocol

HTTP/1.1

Server

54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serasaexperian.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v024-01c194ccd.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +d8O2BDNQzc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 24 Nov 2021 05:26:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-QzqSdHxE2pE4.tkzAoaqogW_0t3fVbq9ess-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 1.ffca460b824a7c71b4dc.js Show response
www.serasa.com.br/voceconsulta/ 184 KB
40 KB 389ms
388ms Script
application/javascript 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta/1.ffca460b824a7c71b4dc.js

Requested by

Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta/runtime.02347977f8d27f44d1d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

30f00d0d82e148570a53769cda9f8d40a60f1f81a70c3362a3d9454606a5b612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-iinfo: 5-50461839-50461415 PNNN RT(1637731600216 0) q(0 0 0 -1) r(3 3) U5
x-envoy-upstream-service-time: 1
pragma: no-cache
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
server: istio-envoy
x-frame-options: sameorigin
etag: W/"6166e867-2e051"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: private, max-age=86400
x-amz-cf-id: Js5irehUWz7XVxzRFhrWpdWV5LAwOEU_Q0KdmmjsoykZ3DBiInrDCg==

GET common.e71966aeea08e0bda966.js
www.serasa.com.br/voceconsulta/ 0
0

GET
H2 200 6.b6a633614ebb7c5fa2ea.js Show response
www.serasa.com.br/voceconsulta/ 194 KB
42 KB 293ms
293ms Script
application/javascript 45.60.13.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serasa.com.br/voceconsulta/6.b6a633614ebb7c5fa2ea.js

Requested by

Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta/runtime.02347977f8d27f44d1d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.13.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

30c8f030ef3f3efe0c689ed582a1191129a9979221cc3e2d268e51f69892a30c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-iinfo: 5-50461841-50461413 PNNN RT(1637731600220 0) q(0 0 0 -1) r(3 3) U5
x-envoy-upstream-service-time: 0
pragma: no-cache
last-modified: Wed, 13 Oct 2021 14:08:39 GMT
server: istio-envoy
x-frame-options: sameorigin
etag: W/"6166e867-30945"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: private, max-age=86400
x-amz-cf-id: o50KCNtDA4SqnRocod7VEZmZfYiDrUTOe-iUSHmYKYLrJdBVbRxo5w==

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 13ms
7ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 04:17:08 GMT
content-encoding: gzip
age: 4173
x-guploader-uploadid: ADPycduoWYlNMusgfVQnlsSnk4QCCzG_AOe1m8qU9k13-4qx1m8Q6d-VTvCyVbtbN631cPGR7-kiRl3yo3ibQL_h1XQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6114
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "c011d7eff3edda011a5511fb703d925a"
x-goog-hash: crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language: en
x-goog-generation: 1632418656103247
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 25 Nov 2021 04:17:08 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 7ms
7ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:20 GMT
content-encoding: gzip
age: 41361
x-guploader-uploadid: ADPycdtmMm48LEv-9cKdnpuVy67J2ejevIxs4FFac3FInIKE8nxB84BhM_BoOsg95LIxB9eU60CTIzPurN7cr_Igszo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8332
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash: crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language: en
x-goog-generation: 1632418656026668
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Nov 2021 17:57:20 GMT

GET
H2 200 trk
tt-11384-0.seg.t.tailtarget.com/ 70 B
604 B 163ms
104ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-11384-0.seg.t.tailtarget.com/trk?tA=TT-11384-0&tJ=_channel:serasa-consumidor:1|_channel:site-todo:1&tK=1637731601&tM=crm-feirao-limpa-nome&tL=crm&tN=email&tY=3&tZ=881291566
Requested by: Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 trk
tt-11384-0.seg.t.tailtarget.com/ 70 B
440 B 163ms
105ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-11384-0.seg.t.tailtarget.com/trk?tA=TT-11384-0&tJ=_click:crm-feirao-limpa-nome&tK=1637731601&tM=crm-feirao-limpa-nome&tL=crm&tN=email&tY=3&tZ=856902461&i=2
Requested by: Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
466 B 136ms
103ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 65ab6776ecf7527c2a116d358d145bf2bb1849a92fb545c879d2ac8231d1edc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame 887A 2 KB
1 KB 28ms
8ms Document
text/html 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1030283.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VrbwLM9zqFZNlud_yO9D2n-ms0f3h7BpGmGFnrIy-G-Sop6paJ9Q0g==
age: 670235

GET
H2 204 1030283 Show response
vc.hotjar.io/sessions/ 0
256 B 55ms
35ms XHR
text/plain 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1030283?s=0.25&r=0.12923675100761223
Requested by: Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta/polyfills.84ff2aa33bec0100eda8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: zorzck8FfO7N2TZB0qfVbMo0yspfctY-ve8jhJ0mgekCERB7pkFovA==

GET
H2 200 trk
tt-11384-0.seg.t.tailtarget.com/ 70 B
422 B 104ms
104ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-11384-0.seg.t.tailtarget.com/trk?tA=TT-11384-0&tJ=_channel:undefined:1&tK=1637731601&tM=crm-feirao-limpa-nome&tL=crm&tN=email&tY=3&tZ=89033452&i=3
Requested by: Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 b Show response
b.t.tailtarget.com/ 112 B
577 B 105ms
105ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-11384-0&tY=1&tS=1&tU=0100007F11CD9D619D06BB9402BE241B&tX=b.52&tZ=572940545
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cae519d7ea3a237f6cc65c46b6ca3a99807e305071ce67920088188f7a50d529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 ca Show response
tt-11384-0.seg.t.tailtarget.com/ 61 B
357 B 105ms
105ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-11384-0.seg.t.tailtarget.com/ca?tZ=546052657
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: f8b2544f025d2545be3f6a0acd6a3dae7d954633bae9ea91f4a8916ecc261ce6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 110ms
103ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-11384-0&tE=0&tF=&tI=_luneburg_lower%20saxony_de_1637731601395_3589263619&tJ=&tQ=undefined&tU=0100007F11CD9D619D06BB9402BE241B&tX=b.52&tY=1&tZ=835132398
Requested by: Host: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta?utm_source=crm&utm_medium=email&utm_campaign=crm-feirao-limpa-nome&utm_content=202111fase4&cm_ven=ExactTarget&cm_cat=REGUA_LNO_FEIRAO_FASE4_&cm_pla=All+Subscribers&cm_ite=https%3a%2f%2fwww.serasa.com.br%2fvoceconsulta%3futm_source%3dcrm%26utm_medium%3demail%26utm_campaign%3dcrm-feirao-limpa-nome%26utm_content%3d202111fase4&cm_ainfo=&&&&&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.serasa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:26:41 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.serasa.com.br
URL: https://www.serasa.com.br/voceconsulta/common.e71966aeea08e0bda966.js

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.serasa.com.br/	1970-01-20 07:40:00	Name: visid_incap_1911258 Value: wKmLc8K3SfuFkBLx84D70QrNnWEAAAAAQUIPAAAAAAD+gspbsjqj+YycWnRTZYnt
.serasa.com.br/	1969-12-31 23:59:59	Name: nlbi_1911258 Value: kK+8ciIl9gD5najLbX8OlwAAAABgR2aajjewablZOIEGOJB9
.serasa.com.br/	1969-12-31 23:59:59	Name: incap_ses_878_1911258 Value: BbOYXrfRI1ab6Vi6h0gvDArNnWEAAAAAghEM36FleihBrxGOon/nLw==
.serasa.com.br/	1970-01-20 01:05:07	Name: _gcl_au Value: 1.1.1098661458.1637731596
.scorecardresearch.com/	1970-01-20 16:12:19	Name: UID Value: 18IIDCQNYHPZHG3CSHZHI0g1637731596
.demdex.net/	1970-01-20 03:14:43	Name: demdex Value: 54011205211920980321145738308321430313
.serasa.com.br/	1969-12-31 23:59:59	Name: AMCVS_2436FCE859C0D3FA0A495C84%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 07:41:07	Name: everest_g_v2 Value: g_surferid~YZ3NCwAAADlVUgQE
.dpm.demdex.net/	1970-01-20 03:14:43	Name: dpm Value: 54011205211920980321145738308321430313
.serasa.com.br/	1970-01-20 16:26:43	Name: AMCV_2436FCE859C0D3FA0A495C84%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18956%7CMCMID%7C53429417650882797161096390863805448061%7CMCAAMLH-1638336395%7C6%7CMCAAMB-1638336395%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1637738795s%7CNONE%7CMCSYNCSOP%7C411-18963%7CvVersion%7C5.2.0
.doubleclick.net/	1970-01-20 08:17:07	Name: IDE Value: AHWqTUmBYJmWAO4O2-d0BhjXPsXDJfbXOAI1zs3QwXxlaamqA6yr3ohffdvORSYlTd4
.bing.com/	1970-01-20 08:17:07	Name: MUID Value: 1D3B1E54912964C6018E0EAD90FB659A
.demdex.net/	1970-01-20 03:14:43	Name: dextp Value: 771-1-1637731596006\|1957-1-1637731596107\|30646-1-1637731596208
.yahoo.com/	1970-01-20 07:41:29	Name: A3 Value: d=AQABBAzNnWECEMfGoksbYPjIBBXrlb9lS9U&S=AQAAArutA85yIerv_iX1W-BZDeM
www.serasa.com.br/	1969-12-31 23:59:59	Name: _vcpe_code Value:
www.serasa.com.br/	1970-01-19 22:55:33	Name: tt_c_vmt Value: 1637731601
www.serasa.com.br/	1970-01-19 22:55:33	Name: tt_c_c Value: crm-feirao-limpa-nome
www.serasa.com.br/	1970-01-19 22:55:33	Name: tt_c_s Value: crm
www.serasa.com.br/	1970-01-19 22:55:33	Name: tt_c_m Value: email
www.serasa.com.br/	1970-01-20 16:12:19	Name: _ttuu.s Value: 1637731601097
.serasa.com.br/	1970-01-20 07:41:07	Name: _hjSessionUser_1030283 Value: eyJpZCI6IjJhY2I3ZWI1LTg4OTItNTQ5Yi1hMzE3LWQyY2YwODgwYzhkNCIsImNyZWF0ZWQiOjE2Mzc3MzE1OTU3MjAsImV4aXN0aW5nIjpmYWxzZX0=
.serasa.com.br/	1970-01-19 22:55:33	Name: _hjFirstSeen Value: 1
.serasa.com.br/	1970-01-19 22:55:33	Name: _hjSession_1030283 Value: eyJpZCI6ImQ1ZmFkZTljLTIyOTAtNDUyMC1iNzc1LWRmNDFkYjhhM2E3YSIsImNyZWF0ZWQiOjE2Mzc3MzE2MDExNjF9
www.serasa.com.br/	1970-01-19 22:55:31	Name: _hjIncludedInSessionSample Value: 0
.serasa.com.br/	1970-01-19 22:55:33	Name: _hjAbsoluteSessionInProgress Value: 1
.t.tailtarget.com/	1970-01-19 22:58:24	Name: _ssc Value: y
www.serasa.com.br/	1970-01-20 07:41:07	Name: tt.u Value: 0100007F11CD9D619D06BB9402BE241B
.tt-11384-0.seg.t.tailtarget.com/	1970-01-19 23:38:43	Name: trk Value: O6rxU8b4YpS17R/UVjprnX7R4LsVb5AA3SZqrgUiM+00/7CrvhNVJBm6otJTx8Sh
.tt-11384-0.seg.t.tailtarget.com/	1970-01-19 23:38:43	Name: trk_2 Value: AZtZ+p8/Z+Ke6NqEOzbLk0FC7Qu5zsWOofyfBvLY6Yw=
.tt-11384-0.seg.t.tailtarget.com/	1970-01-19 23:38:43	Name: trk_3 Value: bw/b1YJBDd9bPDFVGiUayw==
.t.tailtarget.com/	1970-01-20 07:41:07	Name: u Value: fwAAAWGdzRGuYQbMQ1YGAgB=
.t.tailtarget.com/	1970-01-19 23:38:43	Name: ttbprf Value: _luneburg_lower saxony_de_1637731601395_3589263619
.t.tailtarget.com/	1970-01-19 22:55:33	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-19 23:38:43	Name: ttnprf Value:
www.serasa.com.br/	1970-01-19 22:56:58	Name: tt.nprf Value:
.tt-11384-0.seg.t.tailtarget.com/	1970-01-19 22:55:35	Name: ttca Value: _1637731601
.t.tailtarget.com/	1970-01-19 23:38:43	Name: n Value: 1637731601

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://assets.adobedtm.com/launch-EN9f2728f0a5744467abe65de7c4154b37.min.js(Line 3) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
b.t.tailtarget.com
c.bing.com
cl.s11.exct.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
d.tailtarget.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
serasaexperian.demdex.net
static.hotjar.com
t.tailtarget.com
tags.t.tailtarget.com
tt-11384-0.seg.t.tailtarget.com
vars.hotjar.com
vc.hotjar.io
www.googletagmanager.com
www.serasa.com.br
www.serasa.com.br
13.111.71.12
142.250.186.66
142.250.186.98
143.204.98.102
143.204.98.104
143.204.98.110
143.204.98.29
143.204.98.82
212.82.100.182
2620:1ec:c11::200
2a00:1450:4001:812::200a
2a00:1450:4001:829::2008
2a00:1450:4001:831::2003
2a02:26f0:6c00:299::1e80
34.102.185.99
34.248.191.66
35.201.123.184
45.60.13.174
52.16.165.61
54.247.138.82
10282b69d696651c8eff188cd36b302ad41bebb0fc5a1d9804902e1087d1301e
15177b56689fc26ff29eb4d6d07556fb01c27d53033019cf801a91694ca159e3
22071d7b895ac344c5077db8d8fd13c31c8228df1dbb05b3fd7b7507fe3fb999
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
30c8f030ef3f3efe0c689ed582a1191129a9979221cc3e2d268e51f69892a30c
30f00d0d82e148570a53769cda9f8d40a60f1f81a70c3362a3d9454606a5b612
31791964995fa9335affcc405ef7639a855ef4b687ea0bf22cea3f4ee5950416
3781fb5c6c429421782f99098df8ea23b26f1574930b76a214e447ac0a98ad5e
3b6137fd8344f5cb3a0dbcba443f2792e51dc4773c4350284a8ef1383cfbe8f7
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
529a5136f7d9ae0138eb2ce9d21cbfeb3861005e198baef39b8ccdf299eda8c3
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
65ab6776ecf7527c2a116d358d145bf2bb1849a92fb545c879d2ac8231d1edc2
65f502d54483d3fe0e9a208456cfd68007be5a2922e09252b5941c11d7a91ffa
6656f2df2bcdac7c90e381ad7db51c87e7ed737244ec98bfec3b1bd07e6be48b
6ee4a6a84f0c53f57ad4fa6892bf25037a1d2ae3f4048ef6cbbe474de07380f6
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
7891943328a15875f48f306a119e39bbbc3676e6c96ae21bcd2c96fbd7bab313
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84589b2225a2853fe677a9d928699f2673c672152519eb75526719d75ac2183f
9537228a7390ded06056f64481ba5681895157443435a795bc1016f358f67ee2
9b25b6e52b6a3b537caf8bea07405f44be0f142dde76cdb7d90000725822ae64
9cd4e0805f3fdb3fd9c7729a3493f017d6125b6b5b09f0a12a641be4943eab08
a14a5ab0d05064625f42c48d57eba1ec31782a7a345cd7bde81b0ac03867057f
a6d13bf2e9ab51fd52e0409a95d07282c930b170e00f27b76775afdff4190690
b0e66f7f506976563ebfd9cac605cccf7494b8531394d74f642872d6c4d5b988
b90ec58554780843c6686b464c7ae1bd37eb89207c2cfc72ac73a359d84f40a5
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
cae519d7ea3a237f6cc65c46b6ca3a99807e305071ce67920088188f7a50d529
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f8b2544f025d2545be3f6a0acd6a3dae7d954633bae9ea91f4a8916ecc261ce6

www.serasa.com.br Open in urlscan Pro 45.60.13.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

43 Requests

86 %HTTPS

25 %IPv6

15 Domains

23 Subdomains

16 IPs

3 Countries

882 kBTransfer

2981 kBSize

37 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.serasa.com.br Open in urlscan Pro
45.60.13.174 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

86 %
HTTPS

25 %
IPv6

15
Domains

23
Subdomains

16
IPs

3
Countries

882 kB
Transfer

2981 kB
Size

37
Cookies

43 HTTP transactions
1 data transactions