URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Submission: On April 29 via api from BR — Scanned from DE

Summary

This website contacted 24 IPs in 5 countries across 21 domains to perform 75 HTTP transactions. The main IP is 40.70.147.14, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is blog.racon.com.br.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 29th 2022. Valid for: a year.
This is the only time blog.racon.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 40.70.147.14 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
5 52.222.250.175 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.23.208.81 16509 (AMAZON-02)
2 2600:1901:0:2... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2 172.217.18.98 15169 (GOOGLE)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 3.71.149.231 16509 (AMAZON-02)
2 34.95.235.228 396982 (GOOGLE-CL...)
1 35.223.116.65 396982 (GOOGLE-CL...)
1 34.68.90.188 396982 (GOOGLE-CL...)
75 24
Apex Domain
Subdomains
Transfer
18 racon.com.br
blog.racon.com.br
245 KB
11 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 21831
edge.cookiefirst.com — Cisco Umbrella Rank: 25914
89 KB
8 azurewebsites.net
prd-us-brc-wapp-01.azurewebsites.net
763 KB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 25684
usr.navdmp.com — Cisco Umbrella Rank: 29308
cdn.navdmp.com — Cisco Umbrella Rank: 8329
sync2.navdmp.com — Cisco Umbrella Rank: 57742
sync.navdmp.com — Cisco Umbrella Rank: 16665
6 KB
5 cloudfront.net
d335luupugsy2.cloudfront.net
65 KB
4 croct.io
cdn.croct.io
api.croct.io
110 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
92 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
21 KB
2 rdstation.com.br
pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 119585
popups.rdstation.com.br — Cisco Umbrella Rank: 106684
867 B
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1606
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
843 B
2 hellobar.com
my.hellobar.com — Cisco Umbrella Rank: 27393
38 KB
2 gstatic.com
fonts.gstatic.com
278 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
132 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
4 KB
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1405
621 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 3425
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 16
408 B
1 dinamize.com
receiver.posclick.dinamize.com — Cisco Umbrella Rank: 701150
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
1 KB
75 21
Domain Requested by
18 blog.racon.com.br blog.racon.com.br
10 consent.cookiefirst.com blog.racon.com.br
consent.cookiefirst.com
8 prd-us-brc-wapp-01.azurewebsites.net blog.racon.com.br
5 d335luupugsy2.cloudfront.net www.googletagmanager.com
d335luupugsy2.cloudfront.net
3 connect.facebook.net blog.racon.com.br
connect.facebook.net
2 api.croct.io cdn.croct.io
2 cm.g.doubleclick.net 2 redirects
2 cdn.croct.io www.googletagmanager.com
2 tag.navdmp.com blog.racon.com.br
tag.navdmp.com
2 my.hellobar.com www.googletagmanager.com
my.hellobar.com
2 www.google-analytics.com www.googletagmanager.com
blog.racon.com.br
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com blog.racon.com.br
www.googletagmanager.com
2 cdnjs.cloudflare.com blog.racon.com.br
1 popups.rdstation.com.br d335luupugsy2.cloudfront.net
1 pageview-notify.rdstation.com.br d335luupugsy2.cloudfront.net
1 ups.analytics.yahoo.com blog.racon.com.br
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com blog.racon.com.br
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com blog.racon.com.br
1 cdn.navdmp.com tag.navdmp.com
1 usr.navdmp.com tag.navdmp.com
1 www.facebook.com blog.racon.com.br
1 www.google.de blog.racon.com.br
1 www.google.com blog.racon.com.br
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 receiver.posclick.dinamize.com www.googletagmanager.com
1 edge.cookiefirst.com consent.cookiefirst.com
1 fonts.googleapis.com blog.racon.com.br
75 31
Subject Issuer Validity Valid
*.racon.com.br
Sectigo RSA Organization Validation Secure Server CA
2022-04-29 -
2023-04-29
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.cookiefirst.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-01 -
2023-12-16
a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 02
2023-03-10 -
2024-03-04
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
edge.cookiefirst.com
R3
2023-03-22 -
2023-06-20
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-02-05 -
2023-05-06
3 months crt.sh
receiver.posclick.dinamize.com
R3
2023-03-04 -
2023-06-02
3 months crt.sh
cdn.croct.io
GTS CA 1D4
2023-03-30 -
2023-06-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
www.google.de
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
api.croct.io
R3
2023-03-25 -
2023-06-23
3 months crt.sh
*.rdstation.com.br
Sectigo RSA Domain Validation Secure Server CA
2022-08-29 -
2023-09-29
a year crt.sh
popups.rdstation.com.br
R3
2023-04-28 -
2023-07-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Frame ID: FC96D2BCD274F64C1B5D9126F2D5D554
Requests: 81 HTTP requests in this frame

Screenshot

Page Title

Quer saber como negociar as suas dívidas? Veja nossas dicas!

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com

Overall confidence: 100%
Detected patterns
  • d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Page Statistics

75
Requests

96 %
HTTPS

62 %
IPv6

21
Domains

31
Subdomains

24
IPs

5
Countries

1871 kB
Transfer

3425 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=79997798960 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=79997798960&google_tc= HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=79997798960&google_gid=CAESEFz9JpuVU6QSD3pTp-LEyfk&google_cver=1
Request Chain 72
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=23bc644c-f667-4f00-8fb3-c3592ad371e4
Request Chain 73
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blog.racon.com.br/como-negociar-as-suas-dividas/
129 KB
30 KB
Document
General
Full URL
https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express ASP.NET
Resource Hash
7e581a3fac6a78b1580d141cec8b07ad61bdc4316f26d3a021ff677a3c9d757e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
none
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Apr 2023 10:50:13 GMT
ETag
"2036a-Sm5psXBrmBultkzYQ/Q5zOgpFWQ"
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express ASP.NET
icon
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 29 Apr 2023 10:50:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Apr 2023 10:50:14 GMT
tocbot.css
cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.0/
565 B
568 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.0/tocbot.css
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.racon.com.br/
Origin
https://blog.racon.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
162768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
228
last-modified
Sat, 25 Jul 2020 02:52:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f1b9e5b-235"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aM0uhTAFrz0DPaNBcIqZdbNr85L8a35n5Y2%2B0hvQtLx%2ByZb5M%2BIBi%2BlKtiFxWdr7kJ6%2FscYbo1SagTcYKd7MaifOFvR%2BleMg6QZibQlhJUXv%2FmkNOo7tRIbM2tCHq3B0YhpgXisaps%2B6fAZ%2BunvA%2BNp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bf6fb9e8d261b93-FRA
expires
Thu, 18 Apr 2024 10:50:14 GMT
tocbot.min.js
cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.0/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.0/tocbot.min.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c337acd77a81cc34629265cf2c2cc08e4d7ba58047d37cd6a7160d6a87119461
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.racon.com.br/
Origin
https://blog.racon.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
161176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3260
last-modified
Sat, 25 Jul 2020 02:52:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f1b9e5b-2c9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsWdCXoSHRBw6TQFFi9GyNtfs7vKjcRAX62bvVN195fnhoGdPqQy3KidN4vndyi8DzJRyMLNG4bB8RShw47cbwAPvDL%2Fky5X1C3ws1u4uy1Cq0cIrHBENJRmVXSQJLuQGqXopWR0TU%2B%2FS5B8x5AOURya"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bf6fb9e8d281b93-FRA
expires
Thu, 18 Apr 2024 10:50:14 GMT
banner.js
consent.cookiefirst.com/
70 KB
27 KB
Script
General
Full URL
https://consent.cookiefirst.com/banner.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
b505a4cc315e1a350b7872d6e3357ca3e6e6771280d86d7c9fc7e2fc3ec9eb01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-165
cdn-cachedat
04/29/2023 10:40:13
cdn-pullzone
236985
visitor-location
DE
last-modified
Mon, 24 Apr 2023 13:42:30 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
56
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"64468746-11752"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=300
cdn-requestid
a9fba32f363f604a431218699ea04aeb
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
989bf6e.js
blog.racon.com.br/_nuxt/
2 KB
2 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/989bf6e.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
210916cc3d098e27480af0c564da0f5697c338cd0530ae1fa4dde3cc973d6cf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:10 GMT
Server
Microsoft-IIS/10.0
ETag
W/"9c2-17b30262305"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
c8cb82c.js
blog.racon.com.br/_nuxt/
176 KB
61 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/c8cb82c.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
017794a8fb4bcb6c102f4c1471f22bf1c1596f10eb472bf970e1ea46fd1430f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:13 GMT
Server
Microsoft-IIS/10.0
ETag
W/"2bf9a-17b30262c06"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
a073bca.js
blog.racon.com.br/_nuxt/
235 KB
72 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/a073bca.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
e23ca46be5b85e88e2458f160fb5d33c53ed84acae7eb8322c3c461c776772de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:12 GMT
Server
Microsoft-IIS/10.0
ETag
W/"3abda-17b302627c0"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
df8b1e1.js
blog.racon.com.br/_nuxt/
132 KB
31 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/df8b1e1.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
d14c71565a499ed525f590f9966614103d26b112c6f6f92e567bfe37e7c4d798

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:14 GMT
Server
Microsoft-IIS/10.0
ETag
W/"2118b-17b30263041"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
71bfdec.js
blog.racon.com.br/_nuxt/
34 KB
11 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/71bfdec.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
f3fb6f84bba82b652061fe51bd396e80a4508efdc8b9ea444e8d615b47bea1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:10 GMT
Server
Microsoft-IIS/10.0
ETag
W/"86ff-17b30261ff7"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
racon-logo.5147e73.svg
blog.racon.com.br/_nuxt/img/
2 KB
2 KB
Image
General
Full URL
https://blog.racon.com.br/_nuxt/img/racon-logo.5147e73.svg
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
a33576f0443f5a5c22c1bf00a442097caaaeb29250f74f4a50958f03d932b500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:24 GMT
Server
Microsoft-IIS/10.0
ETag
W/"72b-17b3026599d"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
worried-woman-looking-for-financial-bills-at-home-picture-id1281077988.jpg
prd-us-brc-wapp-01.azurewebsites.net/content/images/2021/09/
44 KB
45 KB
Image
General
Full URL
https://prd-us-brc-wapp-01.azurewebsites.net/content/images/2021/09/worried-woman-looking-for-financial-bills-at-home-picture-id1281077988.jpg
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
8d8993db826e76183c3e496c2c6f60d9c03f392d588fca9fbcc8993ebe01dc1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 14 Sep 2021 18:07:43 GMT
ETag
W/"b015-17be57e4636"
X-Powered-By
Express
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
45077
request-context
appId=cid-v1:
whats_social.4985fb8.svg
blog.racon.com.br/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://blog.racon.com.br/_nuxt/img/whats_social.4985fb8.svg
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
2e2c192a21fbe1d2a7db152cb04ec94ade7bcbac78dca8f4fec69b554f7b8a5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:27 GMT
Server
Microsoft-IIS/10.0
ETag
W/"68a-17b302664d6"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
twiter_social.d5db684.svg
blog.racon.com.br/_nuxt/img/
1 KB
968 B
Image
General
Full URL
https://blog.racon.com.br/_nuxt/img/twiter_social.d5db684.svg
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
801bf69647b72b4d2212c051b555ae9609a2f1db80776cfd37498f58b0aa49c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:27 GMT
Server
Microsoft-IIS/10.0
ETag
W/"434-17b3026628e"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
simbolo-racon-consorcios.jpg
prd-us-brc-wapp-01.azurewebsites.net/content/images/2020/11/
23 KB
24 KB
Image
General
Full URL
https://prd-us-brc-wapp-01.azurewebsites.net/content/images/2020/11/simbolo-racon-consorcios.jpg
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
bdb53764ea728b1b2c053f505568817f5c5636957003d02ffd5475f2d60b7615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 26 Nov 2020 12:08:00 GMT
ETag
W/"5cfe-17604740100"
X-Powered-By
Express
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
23806
request-context
appId=cid-v1:
consorcio.png
prd-us-brc-wapp-01.azurewebsites.net/content/images/2020/12/
43 KB
44 KB
Image
General
Full URL
https://prd-us-brc-wapp-01.azurewebsites.net/content/images/2020/12/consorcio.png
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
dca2982b2e244da7a647d6e13cbd5c53a5d8b37be86d1f5655a94d85e9d6507b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 08 Dec 2020 21:15:59 GMT
ETag
W/"abcd-17644360369"
X-Powered-By
Express
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
43981
request-context
appId=cid-v1:
consorcio.a1d7844.svg
blog.racon.com.br/_nuxt/img/
5 KB
4 KB
Image
General
Full URL
https://blog.racon.com.br/_nuxt/img/consorcio.a1d7844.svg
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
f0dc50b7a93531ae0b82ae3a8b85c9b0b783e2260ce04d7bfcb8e777f5c8d852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:21 GMT
Server
Microsoft-IIS/10.0
ETag
W/"12df-17b30264c4d"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
novacao-de-divida.png
prd-us-brc-wapp-01.azurewebsites.net/content/images/2023/04/
175 KB
176 KB
Image
General
Full URL
https://prd-us-brc-wapp-01.azurewebsites.net/content/images/2023/04/novacao-de-divida.png
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
51c7dd16779ef99335b556017469584cbfd4b7557c991aa2a591051008f4e477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 20 Apr 2023 11:57:21 GMT
ETag
W/"2bd61-1879e86b804"
X-Powered-By
Express
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
179553
request-context
appId=cid-v1:
como-sair-do-endividamento.png
prd-us-brc-wapp-01.azurewebsites.net/content/images/2023/04/
242 KB
243 KB
Image
General
Full URL
https://prd-us-brc-wapp-01.azurewebsites.net/content/images/2023/04/como-sair-do-endividamento.png
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
c34cf4e232ef27fa7d36e964b89ea287f7c55f1f445accf1505f114c3f360a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 04 Apr 2023 12:46:39 GMT
ETag
W/"3c940-1874c4e183e"
X-Powered-By
Express
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
248128
request-context
appId=cid-v1:
prosperidade-financeira.png
prd-us-brc-wapp-01.azurewebsites.net/content/images/2023/03/
228 KB
229 KB
Image
General
Full URL
https://prd-us-brc-wapp-01.azurewebsites.net/content/images/2023/03/prosperidade-financeira.png
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
8cf5632729378a7942702f047bf7ea961ef6d88049dc484e1d42ef7104cfaa21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 01 Mar 2023 18:15:01 GMT
ETag
W/"390de-1869e6280eb"
X-Powered-By
Express
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
233694
request-context
appId=cid-v1:
instagram.efcfdb8.svg
blog.racon.com.br/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://blog.racon.com.br/_nuxt/img/instagram.efcfdb8.svg
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
980ba92e8607da3acb146555afdeecaaacbdcb3d98cc344c1fea55407bdd2a41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:23 GMT
Server
Microsoft-IIS/10.0
ETag
W/"77f-17b30265262"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
twiter.45c6858.svg
blog.racon.com.br/_nuxt/img/
1 KB
973 B
Image
General
Full URL
https://blog.racon.com.br/_nuxt/img/twiter.45c6858.svg
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
c4b8c2d78f03e3f76cc433a7c897032f677b8943058e3c7d5b2350ba656fa2fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:26 GMT
Server
Microsoft-IIS/10.0
ETag
W/"430-17b30266019"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
logo_racon.cb02858.png
blog.racon.com.br/_nuxt/img/
3 KB
4 KB
Image
General
Full URL
https://blog.racon.com.br/_nuxt/img/logo_racon.cb02858.png
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
ea9c3576339780235e7e5a6848cda972ce5be884b0a24ee1bfb67f779a32db7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:13 GMT
Last-Modified
Tue, 10 Aug 2021 13:00:23 GMT
Server
Microsoft-IIS/10.0
ETag
W/"dec-17b30265566"
X-Powered-By
Express, ASP.NET
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
3564
version.json
consent.cookiefirst.com/sites/blog.racon.com.br-f92afc1c-0b6f-4bdb-a6da-8a0ef8ff0204/
44 B
774 B
XHR
General
Full URL
https://consent.cookiefirst.com/sites/blog.racon.com.br-f92afc1c-0b6f-4bdb-a6da-8a0ef8ff0204/version.json?v=1682765414278
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
23de5db094dd57ef6a771ae663e7c9e6202e39966fac65ec04771b1d66fd626e

Request headers

Accept
application/json
Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-570
cdn-cachedat
04/29/2023 10:50:14
cdn-pullzone
236985
content-length
44
visitor-location
DE
last-modified
Sat, 29 Apr 2023 01:09:37 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
323
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
"644c6e51-2c"
content-type
application/json
access-control-allow-origin
*
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=15
cdn-requestid
88291d6509da6555931eeb4f2c41e797
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/
139 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KNCSXB
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5877d6b46f15764c50fb064a21854e450ca590271c8c38a8cb53a975573e29d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53217
x-xss-protection
0
last-modified
Sat, 29 Apr 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Apr 2023 10:50:14 GMT
truncated
/
296 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66a2bf22aa8ce3e6292df2a428b07bc960194482f234874ed4bb8f7df6fac919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
550 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cc7ed958797912092d8f5efa7f0d49621b5e1692c76349a375b25eff6c5ebcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
341 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
874653d1b4c5c7781bee8e5de8f487719ed746c5ca1027390508c8a761755244

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
714 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26d8162932e55476dc0f13a00e46230180aca8771aa810b25243df633b9b6b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
363 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c90c36e39dd3fac52d691dc6276e49e67885220d60d36edb96ed16bcd604e7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
725 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d43f1cd01671af20fd6630ed2838379d08760829edef862969a01fa8b4384e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
653 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e65e7ea1689de696e71a23e3569945587b3d4441d723c079eb355a50100ccdfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.racon.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:43:28 GMT
x-content-type-options
nosniff
age
580006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 17:43:28 GMT
config.json
consent.cookiefirst.com/sites/blog.racon.com.br-f92afc1c-0b6f-4bdb-a6da-8a0ef8ff0204/
3 KB
2 KB
XHR
General
Full URL
https://consent.cookiefirst.com/sites/blog.racon.com.br-f92afc1c-0b6f-4bdb-a6da-8a0ef8ff0204/config.json?v=793d7b03-743d-4cad-bd8c-6aa3a89d6112
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
dc4e424bedd9339fced8913d0dcde0cc74a729aa1528b4d1ad6679fdfb819715

Request headers

Accept
application/json
Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-572
cdn-cachedat
04/29/2023 10:50:14
cdn-pullzone
236985
visitor-location
DE
last-modified
Sat, 29 Apr 2023 01:09:02 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
329
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"644c6e2e-be7"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
cd121a930d813073f9c5f7c30e0e2e06
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
location
edge.cookiefirst.com/prod/
67 B
473 B
XHR
General
Full URL
https://edge.cookiefirst.com/prod/location?origin=blog.racon.com.br
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
64a4383f30ec2cc2dab9b882da9e82b659aa23b6a0b2ee1118dda32f7a43059f

Request headers

Accept
application/json
Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
cdn-edgestorageid
1075
cdn-cachedat
04/29/2023 10:50:14
cdn-pullzone
717911
content-length
67
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://blog.racon.com.br
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=1200
cdn-requestid
c7fcf08dd3699152ca9ff866a494f16e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
296.8cb4.c.js
consent.cookiefirst.com/banner/v2.8.0/static-main/
21 KB
9 KB
Script
General
Full URL
https://consent.cookiefirst.com/banner/v2.8.0/static-main/296.8cb4.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
84622827b4d829561c0529ef6bd2d68abde648ebd2be53d6a48369562bfcec13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
722
cdn-storageserver
DE-571
cdn-cachedat
04/29/2023 10:40:11
cdn-pullzone
236985
visitor-location
DE
last-modified
Mon, 24 Apr 2023 13:42:29 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
607
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"64468745-52bf"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
dc24272508c03330f2546b8ee7aa6e23
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
app.079b.c.css
consent.cookiefirst.com/banner/v2.8.0/static-main/
42 KB
12 KB
Stylesheet
General
Full URL
https://consent.cookiefirst.com/banner/v2.8.0/static-main/app.079b.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
d94214a26ebcffeb272478a0b5c7187e60e9eeaa587fd105f5d358181bf7762b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
863
cdn-storageserver
DE-164
cdn-cachedat
04/24/2023 14:10:40
cdn-pullzone
236985
visitor-location
DE
last-modified
Mon, 24 Apr 2023 13:42:29 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
616
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"64468745-a7fd"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
c17f7c973fa74da4e5bedaa509fc3267
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
app.f95f.c.js
consent.cookiefirst.com/banner/v2.8.0/static-main/
56 KB
19 KB
Script
General
Full URL
https://consent.cookiefirst.com/banner/v2.8.0/static-main/app.f95f.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
923fbfc8859c9895ce722cbcd12d34a3dfafdce370f8f280a3fef08679040f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
863
cdn-storageserver
DE-572
cdn-cachedat
04/24/2023 14:10:42
cdn-pullzone
236985
visitor-location
DE
last-modified
Mon, 24 Apr 2023 13:42:29 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
578
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"64468745-e166"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
dd94c598f6e481afaa9905ff214e4da1
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
lang-widget-en.json
consent.cookiefirst.com/sites/blog.racon.com.br-f92afc1c-0b6f-4bdb-a6da-8a0ef8ff0204/
8 KB
4 KB
XHR
General
Full URL
https://consent.cookiefirst.com/sites/blog.racon.com.br-f92afc1c-0b6f-4bdb-a6da-8a0ef8ff0204/lang-widget-en.json?v=793d7b03-743d-4cad-bd8c-6aa3a89d6112
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
006c30442d1efa0d28ce457720d64d3cde297aaefbf95e28a5d35df2cc877a42

Request headers

Accept
application/json
Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-566
cdn-cachedat
04/29/2023 07:37:44
cdn-pullzone
236985
visitor-location
DE
last-modified
Sat, 29 Apr 2023 01:09:11 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
315
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"644c6e37-1fb7"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
c2d6b6493eb485937f5101da7c37baec
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ui.7909.c.css
consent.cookiefirst.com/banner/v2.8.0/static-main/
10 KB
4 KB
Stylesheet
General
Full URL
https://consent.cookiefirst.com/banner/v2.8.0/static-main/ui.7909.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
7605c56363a158c220a0ce923d7542c0177a26c0785bbc0c16f38134c80e740b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-572
cdn-cachedat
04/24/2023 14:10:42
cdn-pullzone
236985
visitor-location
DE
last-modified
Mon, 24 Apr 2023 13:42:28 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
568
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"64468744-29b7"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
52d6101be1b01be99f72a678d10e1fdc
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ui.d482.c.js
consent.cookiefirst.com/banner/v2.8.0/static-main/
25 KB
10 KB
Script
General
Full URL
https://consent.cookiefirst.com/banner/v2.8.0/static-main/ui.d482.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
56311aa5834cad972a648829ee5436c31d8ad41698a94773b1f8a5c04707f6f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
860
cdn-storageserver
DE-569
cdn-cachedat
04/24/2023 14:10:44
cdn-pullzone
236985
visitor-location
DE
last-modified
Mon, 24 Apr 2023 13:42:28 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
596
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"64468744-63bb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
4b34fd97acc19f799634786bd53d91f8
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNCSXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Apr 2023 10:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
870
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sat, 29 Apr 2023 12:35:44 GMT
bc4e74a8-ba34-449c-b166-49c02d1232d5-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/
4 KB
2 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/bc4e74a8-ba34-449c-b166-49c02d1232d5-loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNCSXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-175.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fea7405932e43f8303356313b7bad9540f1bd8b8a9d2228db817e4d55a71336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:15 GMT
x-amz-version-id
VOQjR0S3wUuM7VhaYe02BHxWhu9xckKZ
content-encoding
gzip
last-modified
Wed, 01 Feb 2023 04:31:20 GMT
server
AmazonS3
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"bd307fae1b3907675c3c532f1921e734"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
z1TDqNAql8yEqp8uImhjQspRaKzmLofqvrJusju-GaJF1Mv6wSe2Gw==
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 10:50:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
8hK6CAY3uRtTaqeXHBvUpYa0n1u4zkLuTlwP48lUc4+kaqykUjMBuSVmlB7ZRETtIojzo94rem7Hmh7zOVW86Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
7dd4992e3aa4c8a877760845c878a2e742de8eb1.js
my.hellobar.com/
2 KB
1 KB
Script
General
Full URL
https://my.hellobar.com/7dd4992e3aa4c8a877760845c878a2e742de8eb1.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNCSXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd703ad3d3bf86bf837df215f3bfc34fa7808071c4afdb0995d4c29c0fe76e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Wed, 25 Nov 2020 06:31:02 GMT
server
cloudflare
x-amz-request-id
TC8F5BXKN9AXWAJW
etag
W/"ec0e98bfc8d24e76145374c18c67fe98"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray
7bf6fba1494d35e5-FRA
x-amz-id-2
MMxYEmVqTIBanchq3tsAgFPmIkefpjV+1VylKQx58onorPycrtlhvp866Soh2o4rgwZ5hKl5xPMoaTaFxHkh9Hg3kBNvSs4PdX9jvGyqkYo=
universal.min.js
tag.navdmp.com/
14 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
2178
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7bf6fba17d909034-FRA
expires
Sat, 29 Apr 2023 11:13:56 GMT
310534_2514.js
receiver.posclick.dinamize.com/forms/js/
89 KB
24 KB
Script
General
Full URL
https://receiver.posclick.dinamize.com/forms/js/310534_2514.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNCSXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.23.208.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-208-81.us-east-2.compute.amazonaws.com
Software
Dinamize-PcReceiver /
Resource Hash
91f1dc76c50a87f07f7bb22a1ddc64739771ff5f5db7fc1cb6b13fe833e44b8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:51:39 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 10:51:39 GMT
server
Dinamize-PcReceiver
etag
2023-04-05 14:12:38.554428752 -0300 -03 m=+3.245195479
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
content-length
24896
plug.js
cdn.croct.io/js/v1/lib/
108 KB
108 KB
Script
General
Full URL
https://cdn.croct.io/js/v1/lib/plug.js?appId=9509fd36-43d4-44f6-9af8-a46280d2a46e
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNCSXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2765:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a30c2122f3174e6511b37b943f7c213c34cfd56adb4bc3c9414934916b5e7ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:15 GMT
age
0
x-guploader-uploadid
ADPycdsHUUc5rb9ILeFLiVBMa16prQJXxxEaH86_fn-Cgpzw_QOf79cJBD286Ioj72UJaRCy11fDFTTL6Vb0m-qWqSxrwg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110551
last-modified
Wed, 19 Apr 2023 14:43:29 GMT
server
UploadServer
etag
"1502dcf63f1f1ba69f03f024de621e7b"
x-goog-generation
1681915409257384
x-goog-hash
crc32c=yFBMbw==, md5=FQLc9j8fG6afA/Ak3mIeew==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
x-goog-stored-content-length
110551
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
233 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G982KKM2R9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNCSXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a22cb446c55896a91c2aea186c7fea8d4f557273ccfb9c0d3ae01f510f9a52e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81927
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Apr 2023 10:50:14 GMT
/
prd-us-brc-wapp-01.azurewebsites.net/ghost/api/v3/content/tags/
4 KB
2 KB
XHR
General
Full URL
https://prd-us-brc-wapp-01.azurewebsites.net/ghost/api/v3/content/tags/?key=c29629231447d75b2c23bc79f5&include=count.posts&filter=visibility%3Apublic%2Baccent_color%3A%20-null
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/_nuxt/a073bca.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
6e101b9764c4d05d03c644c64e61fe6a6fd0c0b7e401f00350d3b41e540025c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:14 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
ETag
W/"e83-T8phnXONyNDY8GBNvyXfRA3xDck"
X-Powered-By
Express
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
request-context
appId=cid-v1:
150566321991051
connect.facebook.net/signals/config/
150 KB
42 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/150566321991051?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03331c7cde02f9511636ee7bbfba0553ee8898916c864369036ee19c5bd4f400
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 10:50:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
H6xhLpbElFgEK4C2kYkePeeHsuL32/a0WRSjPq817Lro4C8MSj8PtJbwTO72LyGnq3e2+QFdzU5TE68BwxntoQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
64377
tag.navdmp.com/u/
511 B
534 B
Script
General
Full URL
https://tag.navdmp.com/u/64377
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84db0029cd4965fe3ae382a2e895b2f8bda04de076a6b97fe98b3dddd761db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:45:01 GMT
server
cloudflare
etag
W/"6137b32d-1ff"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7bf6fba25e6e9034-FRA
expires
Sat, 29 Apr 2023 11:50:15 GMT
collect
stats.g.doubleclick.net/j/
4 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-32122305-6&cid=1946035295.1682765415&jid=1264990339&gjid=702932789&_gid=1927182045.1682765415&_u=YGBAgAABAAAAAE~&z=250507481
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Apr 2023 10:50:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.racon.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=2029716467&t=pageview&_s=1&dl=https%3A%2F%2Fblog.racon.com.br%2Fcomo-negociar-as-suas-dividas%2F&ul=en-us&de=UTF-8&dt=Quer%20saber%20como%20negociar%20as%20suas%20d%C3%ADvidas%3F%20Veja%20nossas%20dicas!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1264990339&gjid=702932789&cid=1946035295.1682765415&tid=UA-32122305-6&_gid=1927182045.1682765415&gtm=45He34q0n71KNCSXB&z=1796374829
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 20:06:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53028
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
246 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G982KKM2R9&gtm=45je34q0&_p=2029716467&gcs=G1--&cid=1946035295.1682765415&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682765414&sct=1&seg=0&dl=https%3A%2F%2Fblog.racon.com.br%2Fcomo-negociar-as-suas-dividas%2F&dt=Quer%20saber%20como%20negociar%20as%20suas%20d%C3%ADvidas%3F%20Veja%20nossas%20dicas!&en=page_view&_fv=2&_ss=2&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G982KKM2R9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 10:50:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.racon.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
consent.cookiefirst.com/sites/blog.racon.com.br-f92afc1c-0b6f-4bdb-a6da-8a0ef8ff0204/
2 KB
1 KB
XHR
General
Full URL
https://consent.cookiefirst.com/sites/blog.racon.com.br-f92afc1c-0b6f-4bdb-a6da-8a0ef8ff0204/styles.css?v=793d7b03-743d-4cad-bd8c-6aa3a89d6112
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-864 /
Resource Hash
0de4e610397f86d2c37000c15a1aac6cd71969cb9b7fb2421f9c9773a50d4177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cdn-edgestorageid
1075
cdn-storageserver
DE-571
cdn-cachedat
04/29/2023 02:59:30
cdn-pullzone
236985
visitor-location
DE
last-modified
Sat, 29 Apr 2023 01:09:02 GMT
server
Cookie First CDN-DE1-864
cdn-fileserver
280
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"644c6e2e-615"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
4ef56d8f8cc53d6cfa1829f5350c02ca
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
lead-tracking.min.js
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/
2 KB
1 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/bc4e74a8-ba34-449c-b166-49c02d1232d5-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-175.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding
gzip
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date
Sat, 29 Apr 2023 06:59:38 GMT
last-modified
Mon, 17 Aug 2020 12:56:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
61432
etag
W/"361325c86c17ebc03ff0f4d88d267a83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
UnSVo20j2xwxRuuRe7hTtphgDFBfkXwGMcSy8A_KdEBSDnzS0kBUEQ==
traffic-source-cookie.min.js
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/
2 KB
1 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/bc4e74a8-ba34-449c-b166-49c02d1232d5-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-175.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding
gzip
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date
Sat, 29 Apr 2023 02:41:33 GMT
last-modified
Mon, 09 Jan 2023 17:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
29322
x-amz-server-side-encryption
AES256
etag
W/"dae3ed517b23abad11d0bd6b79f24080"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Cvh25PMMvcg2R_qcKDr5deuUDLAiyTIWOSqKXgmoo8YXI9zMp_r6aw==
modules-v42.js
my.hellobar.com/
131 KB
37 KB
Script
General
Full URL
https://my.hellobar.com/modules-v42.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/7dd4992e3aa4c8a877760845c878a2e742de8eb1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2219ffb81276fd3b9b7bc60f5079aaa78646d47674b2389041fd715e9fcaac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:14 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 25 Nov 2020 06:21:40 GMT
server
cloudflare
x-amz-request-id
TZW2VK6VEF6M3APW
age
683786
etag
W/"e1eaa76f42f1e7769a541342e15da20a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31557600, must-revalidate, proxy-revalidate, s-maxage=31557600
cf-ray
7bf6fba2bb0935e5-FRA
x-amz-id-2
zGvy2Fc/Q7JF16DhJJkhksBcCOF09oF6mvxEp0QkV9Jh7zF4k3QuozZk8TfYFMekQJhCSK5MEYk=
6cf3548.js
blog.racon.com.br/_nuxt/
27 KB
7 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/6cf3548.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/_nuxt/989bf6e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
e9ab2bc29bf15e40803b284f73b5d33967cd29cf0c37ef3545b476c3480e0f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:09 GMT
Server
Microsoft-IIS/10.0
ETag
W/"6afa-17b30261e2b"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
582adb0.js
blog.racon.com.br/_nuxt/
26 KB
6 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/582adb0.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/_nuxt/989bf6e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
81d1cca282ceeef535b2fb7b74e691028f087837b0e11e08c19602a01c6b3f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:09 GMT
Server
Microsoft-IIS/10.0
ETag
W/"69f8-17b30261cef"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
aa0748b.js
blog.racon.com.br/_nuxt/
13 KB
4 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/aa0748b.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/_nuxt/989bf6e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
1ace2a6edfe635d82620873570e80dcc8c22f48bb04b601e06fe85153f70d57e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:11 GMT
Server
Microsoft-IIS/10.0
ETag
W/"33d5-17b30262600"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
f70a0a7.js
blog.racon.com.br/_nuxt/
10 KB
3 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/f70a0a7.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/_nuxt/989bf6e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
490b5d12133f3796becec86a9fc33424f8e55961f12bb05b2d81083f0eee7eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:14 GMT
Server
Microsoft-IIS/10.0
ETag
W/"27e1-17b3026312c"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
2768a46.js
blog.racon.com.br/_nuxt/
12 KB
4 KB
Script
General
Full URL
https://blog.racon.com.br/_nuxt/2768a46.js
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/_nuxt/989bf6e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
c309ee0772deec33600c7cdfdc9913fb56b1c0b8aad13105f249970fb48df50f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/como-negociar-as-suas-dividas/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Aug 2021 13:00:08 GMT
Server
Microsoft-IIS/10.0
ETag
W/"31f8-17b302618c9"
X-Powered-By
Express, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-32122305-6&cid=1946035295.1682765415&jid=1264990339&_u=YGBAgAABAAAAAE~&z=194628441
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 10:50:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-32122305-6&cid=1946035295.1682765415&jid=1264990339&_u=YGBAgAABAAAAAE~&z=194628441
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 10:50:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/
72 KB
22 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 10:50:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4rOn8FjDlvOohjY+NXvsqd11L2iGcCI24LFm0HxPuUVndyTWT+EsnWugwgdA6FrgmB4s68cgO4Fke4+Rq+17bg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=150566321991051&ev=PageView&dl=https%3A%2F%2Fblog.racon.com.br%2Fcomo-negociar-as-suas-dividas%2F&rl=&if=false&ts=1682765414882&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.2.1682765414881.193093608&it=1682765414768&coo=false&rqm=GET
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Apr 2023 10:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
prd-us-brc-wapp-01.azurewebsites.net/ghost/api/v3/content/tags/
1 KB
1 KB
XHR
General
Full URL
https://prd-us-brc-wapp-01.azurewebsites.net/ghost/api/v3/content/tags/?key=c29629231447d75b2c23bc79f5&include=count.posts&filter=visibility%3Ainternal%2Bslug%3A-%5Bcta%2C%20sobre-carousel%2C%20tabs-sobre-nos%2Cprivacidade-indice%2Cprivacidade%2Csimuladorcard%2Ccookie%2Ccookie-indice%2Ctextorodape%5D
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/_nuxt/a073bca.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
017b76b5c9e8492192834ebef304070464485b6caade6e20ae7045b8b160703e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 10:50:14 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
ETag
W/"47c-LH+2NVUtHhEaDbLe7vkRx+2s81k"
X-Powered-By
Express
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
request-context
appId=cid-v1:
gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v109/
152 KB
152 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialiconsoutlined/v109/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.racon.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:09:50 GMT
x-content-type-options
nosniff
age
578425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155276
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 20:24:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 18:09:50 GMT
usr
usr.navdmp.com/
359 B
430 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=9&acc=64377&u=1&new=1&wst=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e73d4b64c6152b9432335bceaac257702577c842bc142f069da80bd523a1b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Apr 2023 10:50:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
7bf6fba56c6d9034-FRA
expires
Sat, 29 Apr 2023 11:50:15 GMT
req
cdn.navdmp.com/
6 B
77 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=9&id=12a03d8a30e19906d00eba2c5110%7C0&acc=64377&tit=Quer%2520saber%2520como%2520negociar%2520as%2520suas%2520d%25EDvidas%253F%2520Veja%2520nossas%2520dicas%2521&url=https%253A%2F%2Fblog.racon.com.br%2Fcomo-negociar-as-suas-dividas%2F&upd=1&new=1&h1=Quer%2520saber%2520como%2520negociar%2520as%2520suas%2520d%25EDvidas%253F%2520Veja%2520nossas%2520dicas%2521
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7bf6fba68da69034-FRA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=79997798960
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=79997798960&google_tc=
  • https://sync2.navdmp.com/sync?prtid=2&id=79997798960&google_gid=CAESEFz9JpuVU6QSD3pTp-LEyfk&google_cver=1
6 B
80 B
Script
General
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=79997798960&google_gid=CAESEFz9JpuVU6QSD3pTp-LEyfk&google_cver=1
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7bf6fba7beb89034-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Sat, 29 Apr 2023 10:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=79997798960&google_gid=CAESEFz9JpuVU6QSD3pTp-LEyfk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=23bc644c-f667-4f00-8fb3-c3592ad371e4
43 B
129 B
Image
General
Full URL
https://sync.navdmp.com/sync?img=1&mdia=23bc644c-f667-4f00-8fb3-c3592ad371e4
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:15 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
7bf6fba70e169034-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Sat, 29 Apr 2023 10:50:15 GMT
Server
MT3 830 785530e master cdg-pixel-x34 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=23bc644c-f667-4f00-8fb3-c3592ad371e4
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sat, 29 Apr 2023 10:50:14 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Requested by
Host: blog.racon.com.br
URL: https://blog.racon.com.br/como-negociar-as-suas-dividas/
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Sat, 29 Apr 2023 10:50:15 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
content-type
text/html
cache-control
no-store
content-length
344
custom.js
cdn.croct.io/js/v1/app/9509fd36-43d4-44f6-9af8-a46280d2a46e/
609 B
624 B
Script
General
Full URL
https://cdn.croct.io/js/v1/app/9509fd36-43d4-44f6-9af8-a46280d2a46e/custom.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNCSXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2765:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1ba2b6dd49907b76ddf679f81fe2fc96c50f173a2beddf8c7618d0bdfa4463a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:50:16 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvcguuhFrddD0gBr9i-1ib9oerFG_f5Qr2vHeyNbqLjGtP_gvwlVUNbQA3jUYbGdwWqLdXeZ3-QnBPl6eMTAwA7NA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
last-modified
Sat, 18 Mar 2023 23:30:45 GMT
server
UploadServer
etag
"68c89a4421322456c83520f58932e8e5"
vary
Accept-Encoding
x-goog-hash
crc32c=TV7R8Q==, md5=aMiaRCEyJFbINSD1iTLo5Q==
x-goog-generation
1679182245691756
content-language
en
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=60
x-goog-stored-content-length
332
accept-ranges
bytes
cid
api.croct.io/client/web/
36 B
455 B
Fetch
General
Full URL
https://api.croct.io/client/web/cid
Requested by
Host: cdn.croct.io
URL: https://cdn.croct.io/js/v1/lib/plug.js?appId=9509fd36-43d4-44f6-9af8-a46280d2a46e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.235.228 Del Viso, Argentina, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.235.95.34.bc.googleusercontent.com
Software
/
Resource Hash
d461c0866fb2564066667fc24cf88b9f9062ccfeac38a2a16ff424e2b7e81c01
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-Client-Library
Croct SDK JS v0.12.3

Response headers

date
Sat, 29 Apr 2023 10:50:17 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://blog.racon.com.br
cache-control
private, max-age=3200, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
X-Client-Library,Set-Cookie,Cookie
content-length
36
cid
api.croct.io/client/web/
0
0
Preflight
General
Full URL
https://api.croct.io/client/web/cid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.235.228 Del Viso, Argentina, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.235.95.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-library
Access-Control-Request-Method
GET
Origin
https://blog.racon.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Client-Library,Set-Cookie,Cookie
access-control-allow-methods
HEAD,GET
access-control-allow-origin
https://blog.racon.com.br
access-control-max-age
300
cache-control
private, max-age=3200, must-revalidate
content-length
36
content-type
text/plain; charset=UTF-8
date
Sat, 29 Apr 2023 10:50:17 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
send
pageview-notify.rdstation.com.br/
36 B
619 B
XHR
General
Full URL
https://pageview-notify.rdstation.com.br/send
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.116.223.35.bc.googleusercontent.com
Software
/
Resource Hash
69b823e65528a98f4243a6d2c9153828cbf055828ee516e54ba3fdf33f1a58a5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.racon.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 29 Apr 2023 10:50:16 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html;charset=utf-8
access-control-allow-origin
https://blog.racon.com.br
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
*, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length
36
x-xss-protection
1; mode=block
rdstation-popup.min.js
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/
201 KB
56 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/bc4e74a8-ba34-449c-b166-49c02d1232d5-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-175.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8d0f32e074ecaac216b692a8e0dfd4210180fac3578676df923da331265c302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
_Tez5c5lzBJwwJdwHtb2lZNhcYNkcuGC
content-encoding
gzip
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date
Sat, 29 Apr 2023 07:41:19 GMT
last-modified
Wed, 19 Apr 2023 14:32:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
11338
x-amz-server-side-encryption
AES256
etag
"0ab7666fe0fe6b8388c86da4f5923396"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
56478
x-amz-cf-id
ijSZVRz-ysUfbRpHxqwfJa1lbXujOcHbi5snjglSkDloJ96EHb94Rw==
rd-js-integration.min.js
d335luupugsy2.cloudfront.net/js/integration/stable/
13 KB
5 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/bc4e74a8-ba34-449c-b166-49c02d1232d5-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-175.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 04:58:43 GMT
content-encoding
gzip
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-version-id
Ue47Arb7o21QIXzXdR.6SzkIvhr7p6iy
x-amz-cf-pop
FRA60-P3
age
21093
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4699
last-modified
Wed, 29 Mar 2023 14:00:58 GMT
server
AmazonS3
etag
"1f7cabf79794bdf27abc546d74059ded"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
x-amz-cf-id
4UrZdGh8PmlCcqgqcpHiRONp6gieiI8Vx1LTXWkLhxlRH5Z-Sqgw1w==
show.json
popups.rdstation.com.br/popup/
13 B
248 B
XHR
General
Full URL
https://popups.rdstation.com.br/popup/show.json?account_id=2303&uniq=_d7hmd8ppv&ref=aHR0cHM6Ly9ibG9nLnJhY29uLmNvbS5ici9jb21vLW5lZ29jaWFyLWFzLXN1YXMtZGl2aWRhcy8%3D
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.racon.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=7776000
date
Sat, 29 Apr 2023 10:50:17 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options
sameorigin
content-type
application/json
access-control-allow-origin
*
content-length
13

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| tocbot object| chunkCB number| __COOKIE_BANNER_INIT_TIME__ number| _gtm_init number| doNotTrack object| _gtm_ids function| _gtm_inject object| dataLayer object| __NUXT__ object| webpackJsonp object| google_tag_manager object| google_tag_data object| CookieFirst string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| o object| a object| b function| Navegg object| naveggReady object| nvg64377 function| cookiefirst_show_settings function| gtag function| installComponents object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $nuxt object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| RDStation object| RDCookieControl boolean| RDStationTrackingCodeChecker function| bootstrap object| hellobarSiteSettings object| script object| LeadTracking object| TrafficSourceCookie function| hellobar object| dinConfigs string| dinVERSION object| dinFunctions object| dinTargetForm object| dinWhatsForm object| dinSearchForm object| dinLogger object| dinLeadTracker string| _dPosclickSite object| dinPosclick function| _getdPosclickQueryParams function| _setdPosclickCookie function| _getdPosclickCookie function| _dAutomationGtmRegisterAccess function| _dAutomationGtmAddTimer function| _dAutomationGtmCloseTimer function| _dAutomationGtmAccess object| dinForms function| dinLoadFunction function| JSEncrypt object| croct object| croctEap function| _classCallCheck function| _defineProperties function| _createClass function| _typeof function| RDStationFormIntegration function| doRequest object| FormFields function| RDErrorNotifier object| RDIntegrationCookieConsent object| RDIntegrationCreditCard object| RegexNamesFactory object| SensitiveDataFilter object| RDIntegrationDataPrivacy object| FieldMapping object| RdIntegrationIdentifier object| RdIntegration object| RdstationPopup object| credentials

19 Cookies

Domain/Path Name / Value
api.croct.io/client/web Name: cid
Value: bc80f7a9-eabd-48bc-8a0e-309b12930274
.blog.racon.com.br/ Name: ARRAffinity
Value: acbe34dabe814c05ae3a8657b6f150b474679b5c0c3fdfbe88dc8f3c91331856
.blog.racon.com.br/ Name: ARRAffinitySameSite
Value: acbe34dabe814c05ae3a8657b6f150b474679b5c0c3fdfbe88dc8f3c91331856
.prd-us-brc-wapp-01.azurewebsites.net/ Name: ARRAffinitySameSite
Value: acbe34dabe814c05ae3a8657b6f150b474679b5c0c3fdfbe88dc8f3c91331856
.blog.racon.com.br/ Name: _ga
Value: GA1.4.1946035295.1682765415
.blog.racon.com.br/ Name: _gid
Value: GA1.4.1927182045.1682765415
.blog.racon.com.br/ Name: _dc_gtm_UA-32122305-6
Value: 1
.racon.com.br/ Name: _ga_G982KKM2R9
Value: GS1.1.1682765414.1.0.1682765414.0.0.0
.racon.com.br/ Name: _ga
Value: GA1.1.1946035295.1682765415
.racon.com.br/ Name: __trf.src
Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNjgyNzY1NDE0ODQyfQ==
.racon.com.br/ Name: _fbp
Value: fb.2.1682765414881.193093608
.navdmp.com/ Name: ac3
Value: 1
.navdmp.com/ Name: nid
Value: 12a03d8a304afc79f0f6a19ba210|1|149
.racon.com.br/ Name: nvg64377
Value: 12a03d8a30e19906d00eba2c5110|0_120
.mathtag.com/ Name: uuid
Value: 23bc644c-f667-4f00-8fb3-c3592ad371e4
.yahoo.com/ Name: A3
Value: d=AQABBGf2TGQCEDFHfhV6X-CqU0RDp--1UlcFEv__AP8AAAAAAOANyiMAAAAAgA&S=AQAAAi9jbgOREsi5YgJweuBBN14
.doubleclick.net/ Name: IDE
Value: AHWqTUlWECbWC_TfMKfiSFnjbIoqubc9tBRP_dw1bnk4jYn0WJXbhu9X0Yua2FIhxvA
blog.racon.com.br/ Name: dinTrafficSource
Value: eyJ1cmwiOiJodHRwczovL2Jsb2cucmFjb24uY29tLmJyL2NvbW8tbmVnb2NpYXItYXMtc3Vhcy1kaXZpZGFzLyIsInJlZmVyZXIiOiIifQ==
.racon.com.br/ Name: rdtrk
Value: %7B%22id%22%3A%229405c283-9d7b-464c-b02f-1a93398399eb%22%7D

2 Console Messages

Source Level URL
Text
network error URL: https://cdn.croct.io/js/v1/lib/plug.js?appId=9509fd36-43d4-44f6-9af8-a46280d2a46e
Message:
WebSocket connection to 'wss://api.croct.io/client/web/connect/9509fd36-43d4-44f6-9af8-a46280d2a46e?clientId=bc80f7a9-eabd-48bc-8a0e-309b12930274' failed: Error during WebSocket handshake: Unexpected response code: 500
network error URL: https://cdn.croct.io/js/v1/lib/plug.js?appId=9509fd36-43d4-44f6-9af8-a46280d2a46e
Message:
WebSocket connection to 'wss://api.croct.io/client/web/connect/9509fd36-43d4-44f6-9af8-a46280d2a46e?clientId=bc80f7a9-eabd-48bc-8a0e-309b12930274' failed: Error during WebSocket handshake: Unexpected response code: 500

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.croct.io
blog.racon.com.br
cdn.croct.io
cdn.navdmp.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
consent.cookiefirst.com
d335luupugsy2.cloudfront.net
edge.cookiefirst.com
fonts.googleapis.com
fonts.gstatic.com
my.hellobar.com
pageview-notify.rdstation.com.br
pixel.mathtag.com
popups.rdstation.com.br
prd-us-brc-wapp-01.azurewebsites.net
receiver.posclick.dinamize.com
region1.google-analytics.com
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
ups.analytics.yahoo.com
usr.navdmp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
172.217.18.98
2.18.233.201
2001:4860:4802:32::36
212.82.100.182
2400:52e0:1e00::1053:1
2400:52e0:1e00::864:1
2600:1901:0:2765::
2606:4700:10::ac43:2be9
2606:4700::6810:cf3
2606:4700::6811:180e
2a00:1450:4001:803::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.23.208.81
3.71.149.231
34.68.90.188
34.95.235.228
35.223.116.65
40.70.147.14
52.222.250.175
006c30442d1efa0d28ce457720d64d3cde297aaefbf95e28a5d35df2cc877a42
017794a8fb4bcb6c102f4c1471f22bf1c1596f10eb472bf970e1ea46fd1430f5
017b76b5c9e8492192834ebef304070464485b6caade6e20ae7045b8b160703e
03331c7cde02f9511636ee7bbfba0553ee8898916c864369036ee19c5bd4f400
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0de4e610397f86d2c37000c15a1aac6cd71969cb9b7fb2421f9c9773a50d4177
0fea7405932e43f8303356313b7bad9540f1bd8b8a9d2228db817e4d55a71336
1ace2a6edfe635d82620873570e80dcc8c22f48bb04b601e06fe85153f70d57e
1ba2b6dd49907b76ddf679f81fe2fc96c50f173a2beddf8c7618d0bdfa4463a3
1c90c36e39dd3fac52d691dc6276e49e67885220d60d36edb96ed16bcd604e7c
1cc7ed958797912092d8f5efa7f0d49621b5e1692c76349a375b25eff6c5ebcb
210916cc3d098e27480af0c564da0f5697c338cd0530ae1fa4dde3cc973d6cf3
23de5db094dd57ef6a771ae663e7c9e6202e39966fac65ec04771b1d66fd626e
26d8162932e55476dc0f13a00e46230180aca8771aa810b25243df633b9b6b35
2d43f1cd01671af20fd6630ed2838379d08760829edef862969a01fa8b4384e5
2e2c192a21fbe1d2a7db152cb04ec94ade7bcbac78dca8f4fec69b554f7b8a5b
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
490b5d12133f3796becec86a9fc33424f8e55961f12bb05b2d81083f0eee7eff
51c7dd16779ef99335b556017469584cbfd4b7557c991aa2a591051008f4e477
56311aa5834cad972a648829ee5436c31d8ad41698a94773b1f8a5c04707f6f6
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5877d6b46f15764c50fb064a21854e450ca590271c8c38a8cb53a975573e29d0
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
64a4383f30ec2cc2dab9b882da9e82b659aa23b6a0b2ee1118dda32f7a43059f
66a2bf22aa8ce3e6292df2a428b07bc960194482f234874ed4bb8f7df6fac919
67e73d4b64c6152b9432335bceaac257702577c842bc142f069da80bd523a1b6
69b823e65528a98f4243a6d2c9153828cbf055828ee516e54ba3fdf33f1a58a5
6e101b9764c4d05d03c644c64e61fe6a6fd0c0b7e401f00350d3b41e540025c3
7605c56363a158c220a0ce923d7542c0177a26c0785bbc0c16f38134c80e740b
7e581a3fac6a78b1580d141cec8b07ad61bdc4316f26d3a021ff677a3c9d757e
801bf69647b72b4d2212c051b555ae9609a2f1db80776cfd37498f58b0aa49c4
80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d
81d1cca282ceeef535b2fb7b74e691028f087837b0e11e08c19602a01c6b3f12
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84622827b4d829561c0529ef6bd2d68abde648ebd2be53d6a48369562bfcec13
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874653d1b4c5c7781bee8e5de8f487719ed746c5ca1027390508c8a761755244
8cf5632729378a7942702f047bf7ea961ef6d88049dc484e1d42ef7104cfaa21
8d8993db826e76183c3e496c2c6f60d9c03f392d588fca9fbcc8993ebe01dc1b
91f1dc76c50a87f07f7bb22a1ddc64739771ff5f5db7fc1cb6b13fe833e44b8c
923fbfc8859c9895ce722cbcd12d34a3dfafdce370f8f280a3fef08679040f5b
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
980ba92e8607da3acb146555afdeecaaacbdcb3d98cc344c1fea55407bdd2a41
a2219ffb81276fd3b9b7bc60f5079aaa78646d47674b2389041fd715e9fcaac3
a22cb446c55896a91c2aea186c7fea8d4f557273ccfb9c0d3ae01f510f9a52e0
a30c2122f3174e6511b37b943f7c213c34cfd56adb4bc3c9414934916b5e7ae2
a33576f0443f5a5c22c1bf00a442097caaaeb29250f74f4a50958f03d932b500
b505a4cc315e1a350b7872d6e3357ca3e6e6771280d86d7c9fc7e2fc3ec9eb01
bdb53764ea728b1b2c053f505568817f5c5636957003d02ffd5475f2d60b7615
c309ee0772deec33600c7cdfdc9913fb56b1c0b8aad13105f249970fb48df50f
c337acd77a81cc34629265cf2c2cc08e4d7ba58047d37cd6a7160d6a87119461
c34cf4e232ef27fa7d36e964b89ea287f7c55f1f445accf1505f114c3f360a76
c4b8c2d78f03e3f76cc433a7c897032f677b8943058e3c7d5b2350ba656fa2fa
c8d0f32e074ecaac216b692a8e0dfd4210180fac3578676df923da331265c302
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14c71565a499ed525f590f9966614103d26b112c6f6f92e567bfe37e7c4d798
d461c0866fb2564066667fc24cf88b9f9062ccfeac38a2a16ff424e2b7e81c01
d84db0029cd4965fe3ae382a2e895b2f8bda04de076a6b97fe98b3dddd761db6
d94214a26ebcffeb272478a0b5c7187e60e9eeaa587fd105f5d358181bf7762b
dc4e424bedd9339fced8913d0dcde0cc74a729aa1528b4d1ad6679fdfb819715
dca2982b2e244da7a647d6e13cbd5c53a5d8b37be86d1f5655a94d85e9d6507b
e23ca46be5b85e88e2458f160fb5d33c53ed84acae7eb8322c3c461c776772de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e65e7ea1689de696e71a23e3569945587b3d4441d723c079eb355a50100ccdfc
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9ab2bc29bf15e40803b284f73b5d33967cd29cf0c37ef3545b476c3480e0f76
ea9c3576339780235e7e5a6848cda972ce5be884b0a24ee1bfb67f779a32db7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd703ad3d3bf86bf837df215f3bfc34fa7808071c4afdb0995d4c29c0fe76e6
f0dc50b7a93531ae0b82ae3a8b85c9b0b783e2260ce04d7bfcb8e777f5c8d852
f3fb6f84bba82b652061fe51bd396e80a4508efdc8b9ea444e8d615b47bea1c0
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b