urlscan.io logo urlscan.io
SecurityTrails logo

contratecontrole.tim.com.br Open in urlscan Pro
2600:9000:206e:fa00:9:433f:4c80:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: http://contratecontrole.tim.com.br/
Submission: On September 10 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 78 IPs in 10 countries across 67 domains to perform 237 HTTP transactions. The main IP is 2600:9000:206e:fa00:9:433f:4c80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is contratecontrole.tim.com.br.
This is the only time contratecontrole.tim.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2600:9000:206... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 84.17.42.228 60068 (CDN77 ^_^)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 108.138.17.117 16509 (AMAZON-02)
1 2600:9000:230... 16509 (AMAZON-02)
1 199.232.16.157 54113 (FASTLY)
1 3 185.89.210.82 29990 (ASN-APPNEX)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a03:2880:f02... 32934 (FACEBOOK)
1 3 177.54.158.78 262287 (Latitude....)
3 35.201.123.184 15169 (GOOGLE)
1 45.60.65.22 19551 (INCAPSULA)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 54.94.91.194 16509 (AMAZON-02)
3 13.32.99.79 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
1 44.194.145.99 14618 (AMAZON-AES)
8 23.36.163.228 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 43.152.137.21 139341 (ACE-AS-AP...)
2 35.168.107.86 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 18.230.28.231 16509 (AMAZON-02)
1 35.227.215.158 15169 (GOOGLE)
1 1 23.23.45.103 14618 (AMAZON-AES)
1 34.235.56.48 14618 (AMAZON-AES)
2 2 172.217.18.98 15169 (GOOGLE)
2 52.67.55.211 16509 (AMAZON-02)
1 2 185.89.210.212 29990 (ASN-APPNEX)
3 20.96.88.162 8075 (MICROSOFT...)
1 2600:9000:206... 16509 (AMAZON-02)
2 95.131.137.7 47841 (OXALIDE)
2 52.30.226.81 16509 (AMAZON-02)
1 34.192.69.220 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2a03:2880:f10... 32934 (FACEBOOK)
1 18.66.15.82 16509 (AMAZON-02)
4 2a05:d018:94a... 16509 (AMAZON-02)
1 2 20.234.93.27 8075 (MICROSOFT...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
4 34.102.185.99 396982 (GOOGLE-CL...)
2 99.80.34.227 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 8 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 104.16.100.49 13335 (CLOUDFLAR...)
1 104.18.33.254 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
2 34.120.4.21 15169 (GOOGLE)
1 1 185.104.208.41 200449 (QRATOR-)
51 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700:440... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
5 23.35.237.86 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 35.208.216.174 19527 (GOOGLE-2)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
3 70.42.32.31 22075 (AS-OUTBRAIN)
1 23.35.229.181 16625 (AKAMAI-AS)
2 99.86.4.32 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.132 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
237 78
11    2600:9000:206e:fa00:9:433f:4c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
contratecontrole.tim.com.br
1    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
1    84.17.42.228 (Paris, France)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-42-228.cdn77.com
chc.wooza.com.br
4    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.138.17.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-117.fra56.r.cloudfront.net
static.hotjar.com
1    2600:9000:2304:8800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
1    199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
19    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
3    177.54.158.78 (Brazil)

ASN262287 (Latitude.sh LTDA, BR)
PTR: game.strongerhosting.com.br
advcake.dataroyal.com.br
hitbr.acstat.com
3    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
1    45.60.65.22 (United States)

ASN19551 (INCAPSULA, US)
www.tim.com.br
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    54.94.91.194 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-91-194.sa-east-1.compute.amazonaws.com
event.getblue.io
3    13.32.99.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-79.fra60.r.cloudfront.net
cdn.fanplayr.com
2    2600:9000:206e:f200:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tm.jsuol.com.br
1    44.194.145.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-145-99.compute-1.amazonaws.com
secure.afilio.com.br
8    23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2606:4700:3031::6815:2a29 (United States)

ASN13335 (CLOUDFLARENET, US)
admaxium.com
1    43.152.137.21 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
s1.kwai.net
2    35.168.107.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-107-86.compute-1.amazonaws.com
gtw.celulardireto.com.br
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
fonts.gstatic.com
1    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2620:1ec:27::cafe:1644 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    18.230.28.231 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-230-28-231.sa-east-1.compute.amazonaws.com
widget.getblue.io
1    35.227.215.158 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 158.215.227.35.bc.googleusercontent.com
api.mythad.com
1    23.23.45.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-45-103.compute-1.amazonaws.com
my.fanplayr.com
1    34.235.56.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-56-48.compute-1.amazonaws.com
e1.fanplayr.com
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
2    52.67.55.211 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-67-55-211.sa-east-1.compute.amazonaws.com
cms.getblue.io
2    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
1    2600:9000:206f:3200:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tm.uol.com.br
2    95.131.137.7 (France)

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net
vu.adschoom.com
2    52.30.226.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-226-81.eu-west-1.compute.amazonaws.com
smct.co
1    34.192.69.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-69-220.compute-1.amazonaws.com
cdn.dsspn.com
1    2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)
analytics.fatmedia.io
3    2606:4700:10::ac43:47d (United States)

ASN13335 (CLOUDFLARENET, US)
js.smct.io
6    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    18.66.15.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-82.vie50.r.cloudfront.net
d2d7do8qaecbru.cloudfront.net
4    2a05:d018:94a:8a00:e936:6459:f314:3358 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
cognito-identity.eu-west-1.amazonaws.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
4    2606:4700:3036::6815:1f54 (United States)

ASN13335 (CLOUDFLARENET, US)
prdredir.com
1    2606:4700:3032::6815:e89 (United States)

ASN13335 (CLOUDFLARENET, US)
redirect.cdn77.cloud
3    2606:4700:3037::6815:2795 (United States)

ASN13335 (CLOUDFLARENET, US)
mediamathrdrt.com
4    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
b.t.tailtarget.com
tt-9892-2.seg.t.tailtarget.com
t.tailtarget.com
2    99.80.34.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-34-227.eu-west-1.compute.amazonaws.com
firehose.eu-west-1.amazonaws.com
1    2606:4700::6811:7050 (United States)

ASN13335 (CLOUDFLARENET, US)
casadeapostas.com
8    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
gml-grp.com
4    2606:4700::6811:5559 (United States)

ASN13335 (CLOUDFLARENET, US)
br.betano.com
cl.betano.com
1    2606:4700:4400::ac40:9329 (United States)

ASN13335 (CLOUDFLARENET, US)
mediaserver.entainpartners.com
1    104.16.100.49 (None, )

ASN13335 (CLOUDFLARENET, US)
sports.sportingbet.com
1    104.18.33.254 (None, )

ASN13335 (CLOUDFLARENET, US)
sports.sportingbet.de
2    2606:4700::6811:2d1e (United States)

ASN13335 (CLOUDFLARENET, US)
www.betano.pt
2    2606:4700:4400::6812:2337 (United States)

ASN13335 (CLOUDFLARENET, US)
www.betano.de
2    34.120.4.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.4.120.34.bc.googleusercontent.com
eum-orange-saas.instana.io
1    185.104.208.41 (Czech Republic)

ASN200449 (QRATOR-, CZ)
trkmad.com
51    2606:4700:4400::6812:2a52 (United States)

ASN13335 (CLOUDFLARENET, US)
www.investing.com
i-invdn-com.investing.com
d1-invdn-com.investing.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
9    2606:4700:4400::ac40:950d (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
6    2a00:1450:4001:80b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
5    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
amplify.outbrain.com
widget-pixels.outbrain.com
1    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
3    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
mcdp-nydc1.outbrain.com
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
2    99.86.4.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net
sb.scorecardresearch.com
1    2606:4700:4400::6812:246f (United States)

ASN13335 (CLOUDFLARENET, US)
streaming.forexpros.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    2606:4700:4400::ac40:91ae (United States)

ASN13335 (CLOUDFLARENET, US)
sbcharts.investing.com
Apex Domain
Subdomains		 Transfer
52 investing.com
www.investing.com — Cisco Umbrella Rank: 102971
i-invdn-com.investing.com — Cisco Umbrella Rank: 66502
d1-invdn-com.investing.com — Cisco Umbrella Rank: 160206
sbcharts.investing.com — Cisco Umbrella Rank: 173470
2 MB
13 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 582
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 257
176 KB
12 tim.com.br
contratecontrole.tim.com.br
www.tim.com.br
1 MB
11 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3915
www.google.com — Cisco Umbrella Rank: 19
accounts.google.com — Cisco Umbrella Rank: 126
apis.google.com — Cisco Umbrella Rank: 203
133 KB
9 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1474
amplify.outbrain.com — Cisco Umbrella Rank: 3293
tr.outbrain.com — Cisco Umbrella Rank: 2932
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337
odb.outbrain.com — Cisco Umbrella Rank: 1813
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5995
98 KB
9 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 8582
215 KB
8 gml-grp.com
gml-grp.com — Cisco Umbrella Rank: 41054
4 KB
8 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1027
88 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 787
k.clarity.ms — Cisco Umbrella Rank: 6776
c.clarity.ms — Cisco Umbrella Rank: 1178
26 KB
7 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
static.doubleclick.net — Cisco Umbrella Rank: 439
161 KB
7 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 66654
d.tailtarget.com — Cisco Umbrella Rank: 75470
b.t.tailtarget.com — Cisco Umbrella Rank: 61775
tt-9892-2.seg.t.tailtarget.com
t.tailtarget.com — Cisco Umbrella Rank: 10724
25 KB
6 amazonaws.com
cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 7861
firehose.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 8915
3 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
14 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
249 KB
5 fanplayr.com
cdn.fanplayr.com — Cisco Umbrella Rank: 80639
my.fanplayr.com — Cisco Umbrella Rank: 127774
e1.fanplayr.com — Cisco Umbrella Rank: 100132
73 KB
5 getblue.io
event.getblue.io — Cisco Umbrella Rank: 50262
widget.getblue.io — Cisco Umbrella Rank: 52236
cms.getblue.io — Cisco Umbrella Rank: 73477
4 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 725
ib.adnxs.com — Cisco Umbrella Rank: 329
5 KB
4 betano.com
br.betano.com — Cisco Umbrella Rank: 113159
cl.betano.com — Cisco Umbrella Rank: 508080
814 B
4 prdredir.com
prdredir.com — Cisco Umbrella Rank: 73687
4 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 664
c.bing.com — Cisco Umbrella Rank: 408
13 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
80 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
279 KB
3 mediamathrdrt.com
mediamathrdrt.com — Cisco Umbrella Rank: 92300
3 KB
3 smct.io
js.smct.io — Cisco Umbrella Rank: 31077
33 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
67 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 480
fonts.googleapis.com — Cisco Umbrella Rank: 120
8 KB
3 instana.io
eum.instana.io — Cisco Umbrella Rank: 9088
eum-orange-saas.instana.io — Cisco Umbrella Rank: 5017
10 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
2 KB
2 betano.de
www.betano.de — Cisco Umbrella Rank: 309806
543 B
2 betano.pt
www.betano.pt — Cisco Umbrella Rank: 129392
458 B
2 smct.co
smct.co — Cisco Umbrella Rank: 22314
4 KB
2 adschoom.com
vu.adschoom.com — Cisco Umbrella Rank: 206504
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 3469
564 B
2 celulardireto.com.br
gtw.celulardireto.com.br
925 B
2 jsuol.com.br
tm.jsuol.com.br — Cisco Umbrella Rank: 85916
17 KB
2 dataroyal.com.br
advcake.dataroyal.com.br — Cisco Umbrella Rank: 391438
15 KB
1 forexpros.com
streaming.forexpros.com — Cisco Umbrella Rank: 181386
269 B
1 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265
464 B
1 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1042
18 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1811
47 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1040
373 B
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 39705
727 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1568
5 KB
1 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 730
1 KB
1 trkmad.com
trkmad.com — Cisco Umbrella Rank: 322423
189 B
1 sportingbet.de
sports.sportingbet.de
1 sportingbet.com
sports.sportingbet.com — Cisco Umbrella Rank: 255140
1004 B
1 entainpartners.com
mediaserver.entainpartners.com — Cisco Umbrella Rank: 137666
754 B
1 casadeapostas.com
casadeapostas.com — Cisco Umbrella Rank: 118528
1 cdn77.cloud
redirect.cdn77.cloud — Cisco Umbrella Rank: 966590
963 B
1 acstat.com
hitbr.acstat.com — Cisco Umbrella Rank: 408840
536 B
1 cloudfront.net
d2d7do8qaecbru.cloudfront.net
811 B
1 fatmedia.io
analytics.fatmedia.io — Cisco Umbrella Rank: 117394
229 B
1 dsspn.com
cdn.dsspn.com — Cisco Umbrella Rank: 92767
161 B
1 uol.com.br
tm.uol.com.br — Cisco Umbrella Rank: 92492
689 B
1 mythad.com
api.mythad.com — Cisco Umbrella Rank: 10525
640 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 870
354 B
1 t.co
t.co — Cisco Umbrella Rank: 600
338 B
1 kwai.net
s1.kwai.net — Cisco Umbrella Rank: 17070
43 KB
1 admaxium.com
admaxium.com — Cisco Umbrella Rank: 123488
33 KB
1 afilio.com.br
secure.afilio.com.br — Cisco Umbrella Rank: 349230
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 996
15 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4377
9 KB
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 871
19 KB
1 wooza.com.br
chc.wooza.com.br
3 KB
0 americanas.com.br Failed
www.americanas.com.br Failed
0 sociomantic.com Failed
us-sonar.sociomantic.com Failed
237 67
Domain Requested by
44 i-invdn-com.investing.com www.investing.com
i-invdn-com.investing.com
11 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
11 contratecontrole.tim.com.br contratecontrole.tim.com.br
eum.instana.io
9 cookie-cdn.cookiepro.com www.investing.com
cookie-cdn.cookiepro.com
8 gml-grp.com 8 redirects
8 analytics.tiktok.com contratecontrole.tim.com.br
analytics.tiktok.com
eum.instana.io
6 accounts.google.com www.investing.com
apis.google.com
contratecontrole.tim.com.br
www.gstatic.com
accounts.google.com
6 www.investing.com redirect.cdn77.cloud
i-invdn-com.investing.com
contratecontrole.tim.com.br
www.investing.com
static.cloudflareinsights.com
6 www.facebook.com contratecontrole.tim.com.br
www.investing.com
6 connect.facebook.net contratecontrole.tim.com.br
connect.facebook.net
www.googletagmanager.com
4 prdredir.com contratecontrole.tim.com.br
4 cognito-identity.eu-west-1.amazonaws.com eum.instana.io
4 www.google-analytics.com www.googletagmanager.com
contratecontrole.tim.com.br
www.investing.com
4 www.googletagmanager.com contratecontrole.tim.com.br
www.googletagmanager.com
www.investing.com
3 widgets.outbrain.com www.investing.com
3 mediamathrdrt.com contratecontrole.tim.com.br
3 js.smct.io eum.instana.io
smct.co
js.smct.io
3 k.clarity.ms eum.instana.io
3 cdn.fanplayr.com contratecontrole.tim.com.br
cdn.fanplayr.com
3 bat.bing.com contratecontrole.tim.com.br
bat.bing.com
3 secure.adnxs.com 1 redirects contratecontrole.tim.com.br
www.investing.com
2 scontent.xx.fbcdn.net www.facebook.com
2 sb.scorecardresearch.com www.investing.com
2 tr.outbrain.com amplify.outbrain.com
www.investing.com
2 apis.google.com www.investing.com
apis.google.com
2 securepubads.g.doubleclick.net www.investing.com
securepubads.g.doubleclick.net
2 eum-orange-saas.instana.io eum.instana.io
2 cl.betano.com 1 redirects prdredir.com
2 www.betano.de 1 redirects prdredir.com
2 www.betano.pt 1 redirects prdredir.com
2 br.betano.com 1 redirects prdredir.com
2 firehose.eu-west-1.amazonaws.com eum.instana.io
2 b.t.tailtarget.com d.tailtarget.com
2 c.clarity.ms 1 redirects
2 d.tailtarget.com contratecontrole.tim.com.br
d.tailtarget.com
2 smct.co secure.afilio.com.br
js.smct.io
2 vu.adschoom.com secure.afilio.com.br
vu.adschoom.com
2 ib.adnxs.com 1 redirects event.getblue.io
2 cms.getblue.io event.getblue.io
2 cm.g.doubleclick.net 2 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.de contratecontrole.tim.com.br
2 stats.g.doubleclick.net www.googletagmanager.com
eum.instana.io
2 region1.analytics.google.com www.googletagmanager.com
2 fonts.googleapis.com ajax.googleapis.com
i-invdn-com.investing.com
2 gtw.celulardireto.com.br eum.instana.io
2 tm.jsuol.com.br www.googletagmanager.com
tm.uol.com.br
2 event.getblue.io www.googletagmanager.com
event.getblue.io
2 advcake.dataroyal.com.br 1 redirects contratecontrole.tim.com.br
1 sbcharts.investing.com i-invdn-com.investing.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 www.gstatic.com accounts.google.com
1 streaming.forexpros.com i-invdn-com.investing.com
1 widget-pixels.outbrain.com www.investing.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 cdn.taboola.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 geolocation.onetrust.com cookie-cdn.cookiepro.com
1 amplify.outbrain.com www.investing.com
1 rt.ad-score.com i-invdn-com.investing.com
1 t.tailtarget.com
1 static.cloudflareinsights.com www.investing.com
1 static.doubleclick.net www.investing.com
1 d1-invdn-com.investing.com www.investing.com
1 cdn.cookielaw.org www.investing.com
1 tt-9892-2.seg.t.tailtarget.com d.tailtarget.com
1 trkmad.com 1 redirects
1 sports.sportingbet.de mediamathrdrt.com
1 sports.sportingbet.com 1 redirects
1 mediaserver.entainpartners.com 1 redirects
1 casadeapostas.com mediamathrdrt.com
1 redirect.cdn77.cloud contratecontrole.tim.com.br
1 c.bing.com 1 redirects
1 hitbr.acstat.com eum.instana.io
1 d2d7do8qaecbru.cloudfront.net js.smct.io
1 analytics.fatmedia.io secure.afilio.com.br
1 cdn.dsspn.com secure.afilio.com.br
1 tm.uol.com.br tm.jsuol.com.br
1 e1.fanplayr.com contratecontrole.tim.com.br
1 my.fanplayr.com 1 redirects
1 api.mythad.com eum.instana.io
1 widget.getblue.io event.getblue.io
1 analytics.twitter.com contratecontrole.tim.com.br
1 t.co contratecontrole.tim.com.br
1 www.google.com contratecontrole.tim.com.br
1 s1.kwai.net contratecontrole.tim.com.br
1 admaxium.com www.googletagmanager.com
1 secure.afilio.com.br www.googletagmanager.com
1 www.tim.com.br www.googletagmanager.com
1 tags.t.tailtarget.com contratecontrole.tim.com.br
1 ajax.googleapis.com contratecontrole.tim.com.br
1 static.ads-twitter.com www.googletagmanager.com
1 www.dwin1.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 chc.wooza.com.br contratecontrole.tim.com.br
1 eum.instana.io contratecontrole.tim.com.br
0 www.americanas.com.br Failed mediamathrdrt.com
0 us-sonar.sociomantic.com Failed contratecontrole.tim.com.br
237 100

This site contains no links.

Subject Issuer Validity Valid
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-12-10		 a year crt.sh
*.wooza.com.br
Sectigo RSA Domain Validation Secure Server CA		 2022-05-19 -
2023-05-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.dwin1.com
Amazon		 2021-11-19 -
2022-12-17		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-19 -
2022-09-17		 3 months crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-02 -
2023-03-01		 6 months crt.sh
afilio.com.br
Amazon		 2022-03-28 -
2023-04-25		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.kwai.net
GlobalSign RSA OV SSL CA 2018		 2020-08-12 -
2022-11-15		 2 years crt.sh
*.celulardireto.com.br
Amazon		 2022-02-18 -
2023-03-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.getblue.io
Amazon		 2022-07-28 -
2023-08-26		 a year crt.sh
*.mythad.com
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-01 -
2023-04-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.uol.com.br
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
analytics.fatmedia.io
GTS CA 1D4		 2022-09-05 -
2022-12-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
smct.co
Amazon		 2022-04-17 -
2023-05-16		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
cognito-identity.eu-west-1.amazonaws.com
Amazon		 2022-06-07 -
2023-07-06		 a year crt.sh
*.jsuol.com.br
Amazon		 2022-09-02 -
2023-10-01		 a year crt.sh
br.acstat.com
R3		 2022-08-13 -
2022-11-11		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
firehose.eu-west-1.amazonaws.com
Amazon		 2022-06-08 -
2023-05-26		 a year crt.sh
*.casadeapostas.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-18 -
2023-06-24		 a year crt.sh
investing.com
Cloudflare Inc ECC CA-3		 2022-08-01 -
2023-08-01		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2022-04-19 -
2023-04-19		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.forexpros.com
E1		 2022-08-21 -
2022-11-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 17 frames:

Primary Page: http://contratecontrole.tim.com.br/
Frame ID: 84D07F3BD2133A5CDD63B512FC63DC79
Requests: 94 HTTP requests in this frame

Frame: http://event.getblue.io/p/?cId=50B276F9-E977-2327-61CBC305EF5DCAE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&v=13072020-1328&nocache=6998628530420.248
Frame ID: 26B62AA59FFA58D3FE816321280B83E3
Requests: 4 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 236CE79F3F345D925DAE80C93457E254
Requests: 2 HTTP requests in this frame

Frame: https://smct.co/lse1.0.html
Frame ID: C8ADEA8E36E21AE44A7EFFB613BD5A69
Requests: 1 HTTP requests in this frame

Frame: https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Frame ID: 8E03C7D12EF34ECB149B8CCC33A949B1
Requests: 1 HTTP requests in this frame

Frame: http://prdredir.com/product/1e398ec7fd9404212a956f8a5143013190e58624a47482716c9e039910099844
Frame ID: 3BBB98729DA11021E10C577DF71A2585
Requests: 2 HTTP requests in this frame

Frame: http://redirect.cdn77.cloud/product/fba35b9e600433712aae96be2db535664e3e57dead9556de7bab4d4864549842
Frame ID: A348F252BFF5A53F70614F5927FC4951
Requests: 1 HTTP requests in this frame

Frame: http://mediamathrdrt.com/product/267792549a8e756b76d6372e89a8c6e5c1d9d0c17b0f82d1cdd2a5f40ba24a18
Frame ID: 7DF86D1E33E8BD23513C21BB07EE1750
Requests: 2 HTTP requests in this frame

Frame: http://prdredir.com/product/21d1a36fc788258fc6b6c97f7451ed9b8acde1b3a7f0ac84ad3ee16490d0aa9c
Frame ID: 427870598F1DC3AF921391B7D5E14D04
Requests: 2 HTTP requests in this frame

Frame: http://prdredir.com/product/23148a1a3ebd1850a1671fbb83f90ea5b9c89f95f53defdf49b8994a7d44f5c8
Frame ID: 1E607E14AEFB993623B02FBB7B1808E0
Requests: 2 HTTP requests in this frame

Frame: http://mediamathrdrt.com/product/24c98a06c6178f723ce6c144b04baf9466cf800ddf3dcab6119ed77f94852097
Frame ID: 66F97CC1142AF88DF31AC7BB3ECDB01D
Requests: 2 HTTP requests in this frame

Frame: http://mediamathrdrt.com/product/5d2ba714e9c383fc2b5791af6183cc2427cf66951b0f1147dd8d351ec291c70b
Frame ID: B271270FE426199A3EF97D6CC5F09151
Requests: 2 HTTP requests in this frame

Frame: http://prdredir.com/product/fe08457a1406d01f7a6226aa566188cffb7adafebaadf8092f1909559839a111
Frame ID: DF62750EB9EB33A81690267563E0148F
Requests: 2 HTTP requests in this frame

Frame: https://www.investing.com/
Frame ID: 5E7813FA8265E2680C2E904A12F3A6C7
Requests: 93 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Frame ID: 54D2CEE00C29DBCE366827F4F6D860A8
Requests: 14 HTTP requests in this frame

Frame: https://www.investing.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662782400
Frame ID: D1F8EF1E01C19996C13933B472FF5E29
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: EF69B9D7F47D098B612416E4B0C3E622
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TIM CONTROLEFacebookEasyTwitterMessengerTelegramWhatsappWaze

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • highcharts.*\.js
Overall confidence: 100%
Detected patterns
  • jscharts.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

237
Requests

79 %
HTTPS

51 %
IPv6

67
Domains

100
Subdomains

78
IPs

10
Countries

4608 kB
Transfer

13233 kB
Size

75
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://secure.adnxs.com/px?id=1573093&t=2&gtmcb=2043761240 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1573093%26t%3D2%26gtmcb%3D2043761240
Request Chain 19
  • http://advcake.dataroyal.com.br/scripts/dataroyal_tag.js HTTP 301
  • https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
Request Chain 24
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js
Request Chain 63
  • http://my.fanplayr.com/external.Genius/?callback=jQuery1111041132272948222526_1662790977838&a=init&uuid=1662790977845-d8427ce07d7a0b0d9f352df5&user=0&session=0&url=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&store_domain=contratecontrole.tim.com.br&tz=0&account=ecd8f4e7d01f34f44039ebf2a44fc361&store_data=shopType%3Dcustom%26pageType%3Dhome%26productPrice%3D0%26lineItemCount%3D0%26numItems%3D0%26discount%3D0%26total%3D0%26repeatCart%3Dfalse%26repeatCustomData%3D0%26custom%3D1%26version%3D3&custom_data=&invocation=0&ref=&log_only=0&browser_language=en-US&widget_language=&push=&swv=u&gacid=1554895828.1662790977&idmap=%7B%7D&adaptor=1.0.8&_=1662790977839 HTTP 302
  • http://e1.fanplayr.com/external.Genius/?callback=jQuery1111041132272948222526_1662790977838&a=init&uuid=1662790977845-d8427ce07d7a0b0d9f352df5&user=0&session=0&url=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&store_domain=contratecontrole.tim.com.br&tz=0&account=ecd8f4e7d01f34f44039ebf2a44fc361&store_data=shopType%3Dcustom%26pageType%3Dhome%26productPrice%3D0%26lineItemCount%3D0%26numItems%3D0%26discount%3D0%26total%3D0%26repeatCart%3Dfalse%26repeatCustomData%3D0%26custom%3D1%26version%3D3&custom_data=&invocation=0&ref=&log_only=0&browser_language=en-US&widget_language=&push=&swv=u&gacid=1554895828.1662790977&idmap=%7B%7D&adaptor=1.0.8&_=1662790977839
Request Chain 66
  • https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm&&google_sc&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&google_ula=7141573074&ula=7141573074&google_hm=MDU3QTAyRTctNjBCRS00MUU4LTk4QzNDRDIwNkRBODJEQjQ&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm=&google_sc=&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&google_ula=7141573074&ula=7141573074&google_hm=MDU3QTAyRTctNjBCRS00MUU4LTk4QzNDRDIwNkRBODJEQjQ&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&google_tc= HTTP 302
  • https://cms.getblue.io/cm/?src=adx&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&ula=7141573074&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&google_gid=CAESEMNU18d1XFTYl-n9dOqLdz4&google_cver=1&google_ula=7141573074,0
Request Chain 68
  • https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&appnexusid=$UID HTTP 302
  • https://cms.getblue.io/cm/?src=appnexus&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&appnexusid=8842013843892974786
Request Chain 90
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=4A4E8CB842244A50A4313A1FFE8B413A&RedC=c.clarity.ms&MXFR=2D03C072B062606002D9D269B4626E1C HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=4A4E8CB842244A50A4313A1FFE8B413A&MUID=022073F548046D471EED61EE498F6C6A
Request Chain 105
  • https://www.awin1.com/cread.php?awinmid=22193&awinaffid=1076683&campaign=home&ued=https%3A%2F%2Fwww.americanas.com.br%2F HTTP 302
  • https://www.zenaps.com/rclick.php?mid=22193&c_len=1209600&c_ts=1662790979&c_cnt=1076683%7C0%7C0%7C1662790979%7C%7Caw%7C0&ir=04013700-30d1-11ed-92c9-2266c8de2152&pr=https%3A%2F%2Fwww.americanas.com.br%2F%3Futm_medium%3Dafiliados%26utm_source%3Daflb2w%26utm_campaign%3Dmarca%3Aacom%3Bmidia%3Aafiliados%3Bformato%3A00%3Bsubformato%3A00%3Bidcampanha%3Aacom%3Bfranq%3A1076683%26utm_content%3D22193_1662790979_24aa0bee580ccbeb586bd3d0afb53d6b%26epar%3DAF_00_00_AB_ACOM%26opn%3DAFLACOM%26franq%3D1076683&bId=HLEX_631c2d43e461d5.47777394&cookie=1&c_d=zenaps.com HTTP 302
  • https://www.americanas.com.br/?utm_medium=afiliados&utm_source=aflb2w&utm_campaign=marca:acom;midia:afiliados;formato:00;subformato:00;idcampanha:acom;franq:1076683&utm_content=22193_1662790979_24aa0bee580ccbeb586bd3d0afb53d6b&epar=AF_00_00_AB_ACOM&opn=AFLACOM&franq=1076683
Request Chain 107
  • https://gml-grp.com/C.ashx?btag=a_8454b_888c_&affid=2441&siteid=8454&adid=888&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_8454b_888c_&affid=2441&siteid=8454&adid=888&c=&AutoR=1 HTTP 302
  • https://br.betano.com/?btag=a_8454b_888c_&utm_medium=2441&utm_source=1&siteid=8454 HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 108
  • https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2030004 HTTP 303
  • https://sports.sportingbet.com/pt-br/sports?sb=1&wm=5201073 HTTP 302
  • https://sports.sportingbet.de/de/sports?sb=1&wm=5201073
Request Chain 109
  • https://gml-grp.com/C.ashx?btag=a_8454b_936c_&affid=2441&siteid=8454&adid=936&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_8454b_936c_&affid=2441&siteid=8454&adid=936&c=&AutoR=1 HTTP 302
  • https://www.betano.pt/landing/345399/?btag=a_8454b_936c_&utm_medium=2441&utm_source=1&siteid=8454 HTTP 302
  • https://www.betano.pt/myaccount/ban/country-341630?siteid=14
Request Chain 110
  • https://gml-grp.com/C.ashx?btag=a_8454b_817c_&affid=2441&siteid=8454&adid=817&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_8454b_817c_&affid=2441&siteid=8454&adid=817&c=&AutoR=1 HTTP 302
  • https://www.betano.de/?btag=a_8454b_817c_&utm_medium=2441&utm_source=1&siteid=8454 HTTP 302
  • https://www.betano.de/?utm_medium=2441&utm_source=1&siteid=8454
Request Chain 112
  • https://gml-grp.com/C.ashx?btag=a_8454b_1218c_&affid=2441&siteid=8454&adid=1218&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_8454b_1218c_&affid=2441&siteid=8454&adid=1218&c=&AutoR=1 HTTP 302
  • https://cl.betano.com/?btag=a_8454b_1218c_&utm_medium=2441&utm_source=1&siteid=8454 HTTP 302
  • https://cl.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 115
  • https://trkmad.com/1983494/ HTTP 302
  • https://www.investing.com/

237 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
contratecontrole.tim.com.br/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22e605e40b9b162c771c7d0558b2b6abfae66c042236e0ba975e7793a0014e95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
277302
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 07 Sep 2022 01:21:15 GMT
ETag
W/"80002b8f7acd7d14b9d64d7e3aa887b8"
Last-Modified
Tue, 23 Aug 2022 18:36:17 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
MfvAiWrYaopnPfX2VV0B-_TF1idAK49H5C593SaBjYh2xXNcR3JSBQ==
X-Amz-Cf-Pop
VIE50-C1
X-Cache
Hit from cloudfront
vendors.2d7bac2b40748fd5.css
contratecontrole.tim.com.br/assets/styles/ 		1 MB
483 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/assets/styles/vendors.2d7bac2b40748fd5.css
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57f3bdf4340cc327ebe08b697fc70fd5488389758edaa1d93f8279f850c0e792

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:38:14 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:16 GMT
Server
AmazonS3
Age
1511083
ETag
W/"d0f4a9fa4684404d1529b1c320a2010c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
VIE50-C1
X-Amz-Cf-Id
szrLLY4L8IJb6H0ELLIOkApERHROG3uXs-REU1PCFZDwB-N93KnD6w==
styles.2d7bac2b40748fd5.css
contratecontrole.tim.com.br/assets/styles/ 		149 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/assets/styles/styles.2d7bac2b40748fd5.css
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6179f3545cbb6f156075116ade4897933faa893ace06a7a642e18b95e5651871

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 00:59:07 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:16 GMT
Server
AmazonS3
Age
969830
ETag
W/"7e126c200816b37ccf4931713db12cb9"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 cc6cd0f2b9d4d88785ea5a737059a4fe.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
VIE50-C1
X-Amz-Cf-Id
8_fOz38Cx_IcfX7t2T5OcpzDBUt5sDWK0LdmZesHIjsSTZ-E0bUH6A==
eum.min.js
eum.instana.io/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

Referer
http://contratecontrole.tim.com.br/
Origin
http://contratecontrole.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 06:22:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
etag
1562908762--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
748612758d8f994b-FRA
via
1.1 google
chc.js
chc.wooza.com.br/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chc.wooza.com.br/chc.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.42.228 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-42-228.cdn77.com
Software
AmazonS3 /
Resource Hash
07ca2e7e846658f50dc21cee2e3ff9cc9bf5136091ec8004615ae66768097e16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
gzip
last-modified
Wed, 01 Jul 2020 21:42:10 GMT
server
AmazonS3
age
880508
etag
W/"56a8044926c9dd83a2a961227c2da567"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4de3cdbf8046367453bc168e829b445f.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
MIA3-C5
x-amz-cf-id
FOpFb3Jg0zvMN3-uPLow3kH4eWM4l7OZuSfGJU4EhBwKb1YirihGfw==
expires
Sat, 17 Sep 2022 06:22:57 GMT
vendors.2d7bac2b40748fd5.js
contratecontrole.tim.com.br/assets/js/ 		2 MB
474 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/assets/js/vendors.2d7bac2b40748fd5.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bdcd2bd4a99d5b584b8e42c29ce1c7d6b67d8375d28dd8c424196c78942bfae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 01:02:35 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:16 GMT
Server
AmazonS3
Age
1228822
ETag
W/"5d40b1e49ee554dcdf4fd25a91faba10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0b828d2972235c5e8de186e29f1866fc.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
VIE50-C1
X-Amz-Cf-Id
3qYCzwBD5kJwYDqtfCAay8DfNPnx890XBPYkDGmVjBxpjrOCt2XDFw==
bundles.2d7bac2b40748fd5.js
contratecontrole.tim.com.br/assets/js/ 		147 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/assets/js/bundles.2d7bac2b40748fd5.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
737ef43557c201d06d96b1bc246a31d741b4cc85aceec9fe0b10c3730b20b1a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:39:25 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:16 GMT
Server
AmazonS3
Age
1511012
ETag
W/"b3353aa2fbb981e14becd4e76fbc7c36"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
VIE50-C1
X-Amz-Cf-Id
_7wnFJC0neqlDWyBEfTeDtt0JdgxESX3eS6-1exW58-uGvnQTYjXiw==
gtm.js
www.googletagmanager.com/ 		134 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJG5FP2
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfb78871cea82ed4e1ff7e0ac8c6f4d9df233ab3da375bc686cb371742b80d71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49591
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Sep 2022 06:22:56 GMT
gtm.js
www.googletagmanager.com/ 		300 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98be3e0d4faa61fe9f55f8ff76568ce307b2a0874cc446153ce099b279308e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89395
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Sep 2022 06:22:57 GMT
optimize.js
www.google-analytics.com/gtm/ 		104 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-5KXN43J
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
560245442f0ab5b6379aeacaf323be0e27acf000d42e8c58c490f6e82435141c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41225
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Sep 2022 06:22:57 GMT
hotjar-1328257.js
static.hotjar.com/c/ 		232 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1328257.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-117.fra56.r.cloudfront.net
Software
/
Resource Hash
2df534fd41c942148ee5c50e1cb25e6922715e4d4ebd2f81e4e4c2155033d8b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
3
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
access-control-allow-origin
*
x-cache-hit
1
etag
W/062723c5c111640165a285bf28e51cb4
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
fSwXVhnzOcY4wBL5Ciw2gSbN4v84AmcxgXw97f9MRevjvSVpYeyXQQ==
19549.js
www.dwin1.com/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/19549.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:8800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51fbc0cb95797f8301ab60bd94682e4bbbf5dfcff0e3e247a017132132c05e68

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
FhIH9Hf0Lkz3.66m30hDGqybBYKtcfsK
content-encoding
gzip
etag
W/"1631886d5fcca05c66f12f330a36677b"
age
299
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Fri, 09 Sep 2022 08:45:27 GMT
server
AmazonS3
date
Sat, 10 Sep 2022 06:22:57 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
cache-control
max-age=600, s-maxage=600
x-amz-cf-pop
VIE50-P1
x-amz-cf-id
FvO9jotih0oqlvLL_eipThryb0iCAyHPx9M2HUk0gvSwAe61SZTpdw==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 15:04:19 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15317
x-served-by
cache-iad-kjyo7100064-IAD, cache-vie6366-VIE
js
www.googletagmanager.com/gtag/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZH21843T10&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55b544076663925a40ce57cd2724b87de6b163e773d5811e6722740bb42d1488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74196
x-xss-protection
0
expires
Sat, 10 Sep 2022 06:22:57 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1573093&t=2&gtmcb=2043761240
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1573093%26t%3D2%26gtmcb%3D2043761240
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1573093%26t%3D2%26gtmcb%3D2043761240
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 06:22:57 GMT
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
bdb4e947-4819-4cc3-847d-95500d1e68a4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 06:22:57 GMT
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
33ca7d46-7e9f-44c0-96a3-671575f2773e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1573093%26t%3D2%26gtmcb%3D2043761240
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 02:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 02:12:30 GMT
svgs.template.html
contratecontrole.tim.com.br/components/svgs/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/components/svgs/svgs.template.html
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2542f68ee9ccbd3000b50f251b2b91220d264aeda99fe82fd1861d6de53d65c

Request headers

X-INSTANA-T
7d0ccb7c6f48a7aa
Accept
application/json, text/plain, */*
Referer
http://contratecontrole.tim.com.br/
X-INSTANA-S
7d0ccb7c6f48a7aa
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=7d0ccb7c6f48a7aa

Response headers

Date
Tue, 23 Aug 2022 18:39:26 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:17 GMT
Server
AmazonS3
Age
1511012
ETag
W/"cc9ae61ae7ede63176db40269d5c52fb"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/html
Via
1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
VIE50-C1
X-Amz-Cf-Id
E5PmvU7CeP1OFhikeDwaqLEZ9qwB0S4kf1qqKXZRduFP7Se9lty1Pw==
close-modal.html
contratecontrole.tim.com.br/components/close-modal/ 		111 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/components/close-modal/close-modal.html
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
630e1eb6399754667098f1d78dea1fc0c5db88d5d6b65b7ce3282b4fd6c38341

Request headers

X-INSTANA-T
7320be075d99d51e
Accept
application/json, text/plain, */*
Referer
http://contratecontrole.tim.com.br/
X-INSTANA-S
7320be075d99d51e
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=7320be075d99d51e

Response headers

Date
Tue, 23 Aug 2022 18:39:26 GMT
Via
1.1 0b828d2972235c5e8de186e29f1866fc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:16 GMT
Server
AmazonS3
Age
1511012
ETag
"71273d724b4b977a3eade61aa1591600"
X-Cache
Hit from cloudfront
Content-Type
text/html
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
VIE50-C1
Accept-Ranges
bytes
Content-Length
111
X-Amz-Cf-Id
lk7cUw1DcKu2VFxNf_nncTWZVT1hapjQ0eYWk8BJVXZfI5BQUrUJ7w==
footer.template.html
contratecontrole.tim.com.br/components/footer/ 		116 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/components/footer/footer.template.html
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
172c60381e0c4c0377a598054bc125fdba3cfd2605c43239ea0cfa3817c18e59

Request headers

X-INSTANA-T
cd90f5474a078d0c
Accept
application/json, text/plain, */*
Referer
http://contratecontrole.tim.com.br/
X-INSTANA-S
cd90f5474a078d0c
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=cd90f5474a078d0c

Response headers

Date
Sat, 27 Aug 2022 01:02:38 GMT
Via
1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:16 GMT
Server
AmazonS3
Age
1228820
ETag
"fce078383534be156bfee0982deec99c"
X-Cache
Hit from cloudfront
Content-Type
text/html
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
VIE50-C1
Accept-Ranges
bytes
Content-Length
116
X-Amz-Cf-Id
I-MGMHUbwmuVxub6lDEY75N7mUBG3a2hZ823tHZM6P-mTueryXWVVw==
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26737
x-xss-protection
0
pragma
public
x-fb-debug
0Jg2GuVzNmDAIHA96RQPkwrt+bqcGtPYN+CdZ6jE6A2/e5qIaEo0wvtBYlKmnoYxPJ+2jPkaZzuav0CeoIm4SQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Sep 2022 06:22:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dataroyal_tag.js
advcake.dataroyal.com.br/scripts/
Redirect Chain
  • http://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
  • https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
177.54.158.78 , Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
game.strongerhosting.com.br
Software
nginx /
Resource Hash
ed1e8b46a73e231cd10baccb526b7525610b494f0f7d45698ad6eff035814c73

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:58 GMT
Last-Modified
Saturday, 10-Sep-2022 06:22:58 GMT
Server
nginx
Content-Type
application/javascript, application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
14779
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location
https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
Date
Sat, 10 Sep 2022 06:22:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
circle.html
contratecontrole.tim.com.br/components/circle/ 		182 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://contratecontrole.tim.com.br/components/circle/circle.html
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ecfeee2e7930a954eb70674bb2601824bef42e85d8e2f1ce6425c4ce28acbaa

Request headers

X-INSTANA-T
975b1c94267c8e4
accept-language
de-DE,de;q=0.9
Authorization
c325452a3cf7473e85d375faca1ee812
X-INSTANA-L
1,correlationType=web;correlationId=975b1c94267c8e4
Accept
application/json, text/plain, */*
CodigoOperadora
41
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-INSTANA-S
975b1c94267c8e4

Response headers

Date
Fri, 02 Sep 2022 00:44:29 GMT
Via
1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:16 GMT
Server
AmazonS3
Age
711509
ETag
"fc96af0d6d0e5fe8dd22df9a90e570a4"
X-Cache
Hit from cloudfront
Content-Type
text/html
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
VIE50-C1
Accept-Ranges
bytes
Content-Length
182
X-Amz-Cf-Id
ov2CSnkPw2P_fN78Gy9q2j2oW3LtoJFj7onDvmqbPqeqqTC3xE6_Ug==
t3m.js
tags.t.tailtarget.com/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.t.tailtarget.com/t3m.js?i=TT-9892-2/CT-1841
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
22b8d4e12ba9e8a7b071c1658b55149291ddbb1d0f151a4bbffa6d26ae7295a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:57 GMT
Content-Encoding
gzip
Age
0
X-GUploader-UploadID
ADPycduT-a24YhfkJFa3rzXa7izh-M2KJlikADk_ezx1TxIDqqT8jqnWzTJZZcwyq_tLANrQGHCCsLc0i_zPr8-jDZYGgw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Content-Length
7655
Last-Modified
Thu, 08 Sep 2022 21:19:33 GMT
Server
nginx/1.8.1
ETag
"e3574a29606bc6f188de0621ff40aab3"
Vary
Accept-Encoding
x-goog-hash
md5=41dKKWBrxvGI3gYh/0Cqsw==
x-goog-generation
1662671973840791
Via
1.1 google
Cache-Control
max-age=7200,public
x-goog-stored-content-length
7655
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sat, 10 Sep 2022 08:22:57 GMT
tim-br
us-sonar.sociomantic.com/js/2010-07-01/adpan/ 		0
0
gbwooza.js
www.tim.com.br/Portal_Conteudo/_staticfiles/internet/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tim.com.br/Portal_Conteudo/_staticfiles/internet/gbwooza.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.65.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
bat.js
bat.bing.com/
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 84459A5C8CB145EEACA6881F1D92D70E Ref B: FRA31EDGE0222 Ref C: 2022-09-10T06:22:57Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Sat, 10 Sep 2022 06:22:56 GMT
accept-ranges
bytes
content-length
11376

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
blue-tag.min.js
event.getblue.io/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://event.getblue.io/js/blue-tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
HTTP/1.1
Server
54.94.91.194 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-91-194.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
41f40556d764448a5c8220598ddf5c7df825bced46014dbca751e80e3b3d429e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 10 Sep 2022 03:23:38 GMT
ETag
W/"7716-1662780218578"
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
adaptor.js
cdn.fanplayr.com/customers/tim-brazil/adaptor/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.fanplayr.com/customers/tim-brazil/adaptor/adaptor.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
13.32.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-79.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
829cf23a96e53a31f9e7aaf24e74814a75727a4c1dd7194a97b0dc057fc746e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
Qr_Iz.uH8BQrh2wibaLNgi1x_FCcZnE.
Content-Encoding
gzip
ETag
"94ce5e71831f00f1ae3357d9e2c474f5"
Age
2066
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3324
Last-Modified
Thu, 28 May 2020 16:35:59 GMT
Server
AmazonS3
Date
Sat, 10 Sep 2022 06:15:46 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
X-Amz-Cf-Id
-1wegG1E0go3_n8WZApgBzaqfuX1k8G_k1E4ksOzkHScz6izPLELKw==
uoltm.js
tm.jsuol.com.br/ 		68 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tm.jsuol.com.br/uoltm.js?id=wayz4j
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
HTTP/1.1
Server
2600:9000:206e:f200:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
69c77a10044ea62847fa9cf324841ac8ddc918218646b16090a43b51049262a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Sep 2022 02:10:44 GMT
Server
marrakesh 1.16.6
X-Amz-Cf-Pop
VIE50-C1
ETag
dc240826de3a681e244c7eecd55612ec
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=UTF-8
Via
1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
Cache-Control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
Connection
keep-alive
Content-Length
15241
X-Amz-Cf-Id
5McitjMvbaAUrjAoQBgxaWHKYRF5jmudcw5pOdkJpy_0HGTCgcDt2A==
Expires
Sat, 10 Sep 2022 07:22:57 GMT
mastertag.php
secure.afilio.com.br/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.afilio.com.br/mastertag.php?progid=3290&type=basket&id_partner=timcontrolecpa&product_id1=undefined&amount=undefined&url_product=http%3A%2F%2Fcontratecontrole.tim.com.br%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.145.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-145-99.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) / PHP/5.6.40-10+ubuntu16.04.1+deb.sury.org+1
Resource Hash
ea3ea87565b91dfe4d2aff12c2930b152ea970d613f6f0b2f3895f73cc653765

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:57 GMT
server
Apache/2.4.18 (Ubuntu)
x-powered-by
PHP/5.6.40-10+ubuntu16.04.1+deb.sury.org+1
content-type
text/javascript;charset=UTF-8
events.js
analytics.tiktok.com/i18n/pixel/ 		191 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3E7Q0OU4DKLMOIO0ACG&lib=ttq
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7f65698a306db8c25043b42bcadddcd2a979725ee904dfa72a91cda8033fbdfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id
5a4a8353.afaa89f6
date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
91,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=5, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
202209100622576907BF5501331AAA6B0F
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.104.7
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6ba31f183584fd498967202fffc882607dc5e5dd80824b6b96eba673186b4c7e456aa6bbed945113a8e42ca63f4767d4de892b87db1f94ff0a8e88002bd88cf90f445c479f5d9e1cdef12d0108c82aa09
expires
Sat, 10 Sep 2022 06:22:57 GMT
pa_rtg_timcontrole.js
admaxium.com/scripts/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://admaxium.com/scripts/pa_rtg_timcontrole.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:2a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.11
Resource Hash
f82e7d3c2247ad3fd88b985184bb14528a6aa4dd9a252258720c6aff947b88d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:57 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.11
Transfer-Encoding
chunked
status
200 OK
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
9eb321a2-8a61-4212-a45e-3427f1e00672
x-runtime
0.037316
Server
cloudflare
etag
W/"f82e7d3c2247ad3fd88b985184bb1452"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWPdW46MW5IFNc3uVHzRWTeZYM73aUE1OBO%2BspeMNZwU22GRAnpnXOzjBUaBedvh%2BJDydaZsuh%2FmnsMnvoCGp061%2BkpvvPj6zdLoU3k5GjuFHTvvCfUl4Speuu2Dw%2F1KTWp%2B9eFFzr3nYtg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, public
CF-RAY
748612787df1bbf7-FRA
expires
2022-08-11 06:22:57 UTC
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV2DB72
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4857
date
Sat, 10 Sep 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 10 Sep 2022 07:02:00 GMT
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ 		144 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=386395864480891935&lib=kwaiq
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.137.21 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
NWS_Qcloud_Oversea_Static_HWMid /
Resource Hash
cc3dd6744baaaf03ec4ec6da71ea7ff3b430f3137527ee8475cb8014653b92f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 06:51:10 GMT
Content-Encoding
gzip
X-Cache-Lookup
Cache Hit, Hit From Inner Cluster
x-cos-request-id
NjJmMWVkOTJfZmRlZjc4MGJfYjU5OV9hMWRiZGZl
Connection
keep-alive
Content-Length
43430
x-cos-hash-crc64ecma
8248290895793510178
Last-Modified
Wed, 20 Jul 2022 03:12:01 GMT
Server
NWS_Qcloud_Oversea_Static_HWMid
Etag
"d09533c0d43753391aeac7a4528aaa40"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
X-Daa-Tunnel
hop_count=1
X-NWS-LOG-UUID
17089748722305056585
Accept-Ranges
bytes
Expires
Tue, 09 Aug 2022 07:01:10 GMT
planos
gtw.celulardireto.com.br/v1/api/produto/tim/controle/listar/ 		3 KB
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtw.celulardireto.com.br/v1/api/produto/tim/controle/listar/planos?CodigoOrigem=d8bb185b4c434174901e83a3e369075f&CodigoCampanha=default&Ddd=&EstadoCampanha=BR&Exclusivo=false&OrigemCampanha=modal-controle&SegmentoCampanha=controle&SkuPlano=NOSKUMD&Uf=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.107.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-107-86.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e96cb341920c3968d6ebb8a2b719f0dc642a155805df2ca888bd552aac42a0ad

Request headers

Accept
application/json, text/plain, */*
CodigoOperadora
41
Referer
http://contratecontrole.tim.com.br/
Authorization
c325452a3cf7473e85d375faca1ee812
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
server-timing
intid;desc=81914ffe5917ca1a
content-length
669
expires
-1
planos
gtw.celulardireto.com.br/v1/api/produto/tim/controle/listar/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gtw.celulardireto.com.br/v1/api/produto/tim/controle/listar/planos?CodigoOrigem=d8bb185b4c434174901e83a3e369075f&CodigoCampanha=default&Ddd=&EstadoCampanha=BR&Exclusivo=false&OrigemCampanha=modal-controle&SegmentoCampanha=controle&SkuPlano=NOSKUMD&Uf=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.107.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-107-86.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,codigooperadora
Access-Control-Request-Method
GET
Origin
http://contratecontrole.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
authorization,codigooperadora
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sat, 10 Sep 2022 06:22:57 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
tim-logo.svg
contratecontrole.tim.com.br/assets/imgs/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://contratecontrole.tim.com.br/assets/imgs/tim-logo.svg
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee514faec1944752720cd0f3c6f3664f9fa42c7dc31ab396a0e5cfee7a4cf4e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:38:39 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:16 GMT
Server
AmazonS3
Age
1511059
ETag
W/"c60c83a82d979114b0d1e5c27e390010"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Via
1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
VIE50-C1
X-Amz-Cf-Id
k3VHaMKuJ8nV382YzuXzhbk6LcoTIOM8rwvdSVKphR0oyYwFar7Kgw==
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:300,400
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c19f1d331f49d3a67ea7914372f61c61dc7558c629f911328122647efd91aac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sat, 10 Sep 2022 06:22:57 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sat, 10 Sep 2022 06:22:57 GMT
collect
region1.analytics.google.com/g/ 		0
354 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZH21843T10&gtm=2oe970&_p=1745492969&_gaz=1&cid=1554895828.1662790977&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662790977&sct=1&seg=0&dl=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&dt=TIM%20CONTROLE&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH21843T10&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://contratecontrole.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH21843T10&cid=1554895828.1662790977&gtm=2oe970&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH21843T10&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://contratecontrole.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZH21843T10&cid=1554895828.1662790977&gtm=2oe970&aip=1&z=1730494375
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon-close.svg
contratecontrole.tim.com.br/assets/imgs/ 		761 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://contratecontrole.tim.com.br/assets/imgs/icon-close.svg
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/assets/styles/styles.2d7bac2b40748fd5.css
Protocol
HTTP/1.1
Server
2600:9000:206e:fa00:9:433f:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
423526dc3a247adb6be497bfd3c2e908a7048292cb67b6902daf46754c1498f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/assets/styles/styles.2d7bac2b40748fd5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 18:38:39 GMT
Via
1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 23 Aug 2022 18:36:15 GMT
Server
AmazonS3
Age
1511059
ETag
"cb9b5ad2b7a88656e1e4a5bc01104795"
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
VIE50-C1
Accept-Ranges
bytes
Content-Length
761
X-Amz-Cf-Id
I3sUuYC1eGyS8SZOhEb38grDqSkWVRPpuKjiDkAA9Jkp37BmsGmQrA==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:300,400
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://contratecontrole.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 07 Sep 2022 08:44:49 GMT
X-Content-Type-Options
nosniff
Age
250688
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15744
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:48 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 07 Sep 2023 08:44:49 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19358192-1&cid=1554895828.1662790977&jid=1716383969&gjid=408650269&_gid=2087762515.1662790977&_u=YCDAiEABRAAAAE~&z=1519262792
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 10 Sep 2022 06:22:57 GMT
content-type
text/plain
access-control-allow-origin
http://contratecontrole.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1745492969&t=pageview&_s=1&dl=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&ul=en-us&de=UTF-8&dt=TIM%20CONTROLE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABR~&jid=1716383969&gjid=408650269&cid=1554895828.1662790977&tid=UA-19358192-1&_gid=2087762515.1662790977&gtm=2wg970PV2DB72&cd8=Venda%20Bruta&cd26=WOOZA&z=1368713326
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Sep 2022 13:49:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59604
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1474425375913156
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1474425375913156?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ff53e9b4190d3f4c96c4cd5624d3d4498e37270d8641ec52cd64ccf04479af3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
+mrqOqbhB3jdGwOBtH+pJNmuH7tZwXvhNMWD/GxxEHRaZyC16wBKhzAlmwS3NpRLKQglICfBRQZUGnpf703E3Q==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Sep 2022 06:22:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:300,400
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://contratecontrole.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 13:27:41 GMT
X-Content-Type-Options
nosniff
Age
406516
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15740
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:56 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 05 Sep 2023 13:27:41 GMT
loader.js
cdn.fanplayr.com/client/production/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.fanplayr.com/client/production/loader.js
Requested by
Host: cdn.fanplayr.com
URL: http://cdn.fanplayr.com/customers/tim-brazil/adaptor/adaptor.js
Protocol
HTTP/1.1
Server
13.32.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-79.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95f1f9d0c11a28021c39741a32189b2ba2478107ef83bb3a5ce900467c171880

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Sep 2022 02:38:35 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
ETag
"6bf2b02b50a1aa4f1a1e378abed92446"
X-Cache
Miss from cloudfront
x-amz-version-id
XWrt7EstTOtzghFOXlEV2dzSOivX5ExE
Via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
Cache-Control
private, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1525
X-Amz-Cf-Id
19vys03WnThkNLsBwJU_2SvdxD5m7u96ikTQfMoubeli9Bpd7IkxOg==
17163126.js
bat.bing.com/p/action/ 		1 KB
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17163126.js
Requested by
Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
daec4b2d4342b3e5f6f7088d78a505213d5e64d4ca4c3e142e493da0277490f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FE58E3D4CA7248129FB92B5235A2CAEE Ref B: FRA31EDGE0222 Ref C: 2022-09-10T06:22:57Z
date
Sat, 10 Sep 2022 06:22:56 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
667
0
bat.bing.com/action/ 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17163126&Ver=2&mid=960d6e35-af33-4030-8173-b630af75e045&sid=02f790c030d111ed8e306b4415b8433f&vid=02f7bc6030d111ed89cb6d23228d130b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=TIM%20CONTROLE&p=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&r=&lt=752&evt=pageLoad&sv=1&rn=572847
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2B97847E39F6440880FCDB9F5BD9D3E4 Ref B: FRA31EDGE0222 Ref C: 2022-09-10T06:22:57Z
date
Sat, 10 Sep 2022 06:22:56 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19358192-1&cid=1554895828.1662790977&jid=1716383969&_u=YCDAiEABRAAAAE~&z=2087115132
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19358192-1&cid=1554895828.1662790977&jid=1716383969&_u=YCDAiEABRAAAAE~&z=2087115132
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=eb8b565c-d1e1-418b-833f-d260c9757cfe&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9474b863-ff52-4035-946b-37d36de84689&tw_document_href=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuou0&type=javascript&version=2.3.27
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time
104
date
Sat, 10 Sep 2022 06:22:57 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
595f764a6ce32abf8d3bd1fc6ca6084f8aeb296bfa8dccb8b459376faa47f732
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=eb8b565c-d1e1-418b-833f-d260c9757cfe&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9474b863-ff52-4035-946b-37d36de84689&tw_document_href=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuou0&type=javascript&version=2.3.27
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time
107
date
Sat, 10 Sep 2022 06:22:57 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
e8774fe3d45ec8eb5630c7e5db93d6c154b4d66be001dd369197b1c48ac185a8
content-length
43
17163126
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/17163126
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17163126.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1644 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e984ba835c2cb285b6f5fcc4d1719d2cd1f20c77db6155f1b10a3c1aeab22948

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:56 GMT
x-powered-by
ASP.NET
x-azure-ref
0QS0cYwAAAABqmvyBQN5FTqd07eR0Kg+4WlJIRURHRTA2MTUANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
content-length
1543
expires
-1
identifyx.js
analytics.tiktok.com/i18n/pixel/ 		104 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identifyx.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3E7Q0OU4DKLMOIO0ACG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f3c96e196dce28ba0c0b407b4f262d5555c61e6b7c1126fd810413d6f30c14c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id
26928d38.afaa8bd2
date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
94,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=5, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20220910062257B2BCBF0264D4E2AAFE5D
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.104.5
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6ba31f183584fd498967202fffc882607aaae1859f4209705325bb265e5c7799f30426e7a0ce5d42f0c7da408c2403ddd2f002a2c6a97fb342577aa9a9c7b7ef322720106df0adedef44adb6bc5fe693c
expires
Sat, 10 Sep 2022 06:22:57 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		861 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3E7Q0OU4DKLMOIO0ACG&hostname=contratecontrole.tim.com.br
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3E7Q0OU4DKLMOIO0ACG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
db157c008aec98aeb27a9f747d3834a1199d40b46abb9c092b19c23f5bc5915b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id
624c721d.afaa8c84
date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-221-225-150.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
97,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=11, inner; dur=3
content-length
341
pragma
no-cache
server
nginx
x-tt-logid
202209100622577CC1644F31FFAEA34907
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,23.221.225.150
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6ba31f183584fd498967202fffc8826071921a1a883b44007a803c91448666d48930b865b81b0d6fb92290943cf6d5fe1c4a5af04105280438225b3dd2b765d18fcfe0dd21c659bec4ddd57cffb577f90
expires
Sat, 10 Sep 2022 06:22:57 GMT
/
event.getblue.io/p/ Frame 26B6 		774 B
924 B 		Document
General
Check archive.org
Download Go to
Full URL
http://event.getblue.io/p/?cId=50B276F9-E977-2327-61CBC305EF5DCAE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&v=13072020-1328&nocache=6998628530420.248
Requested by
Host: event.getblue.io
URL: http://event.getblue.io/js/blue-tag.min.js
Protocol
HTTP/1.1
Server
54.94.91.194 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-91-194.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
6614cd4a7cce75baf989f860967ea82d2cfe20fc2049890fee49c656d40130b7

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sat, 10 Sep 2022 06:22:57 GMT
TagContainer-Version
1184-21082022-1526
Transfer-Encoding
chunked
Vary
Accept-Encoding
/
widget.getblue.io/event/ 		760 B
504 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getblue.io/event/?cId=50B276F9-E977-2327-61CBC305EF5DCAE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&v=13072020-1328&if=0&nocache=1866079521227.6548
Requested by
Host: event.getblue.io
URL: http://event.getblue.io/js/blue-tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.230.28.231 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-230-28-231.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
5b92a408bbe994550b7055a07066d79ec13a646062d36f046dbd84a9d59e86e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
pixel
analytics.tiktok.com/api/v2/ 		0
690 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3E7Q0OU4DKLMOIO0ACG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4b3cbd69.afaa8ed0
date
Sat, 10 Sep 2022 06:22:57 GMT
x-cache-remote
TCP_MISS from a23-221-225-190.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
109,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=22, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220910062257F1B76F89429577965415
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
22,23.221.225.190
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6ba31f183584fd498967202fffc8826073fdc2bf7f865e238737904fc6b4c47dac1d6b00bdd5bc89dd4ed503218a4ea686d0a374d6ef40cf7c3d0bb8d3770146c8748a4edee74c22d1dae4fe291bdb392
expires
Sat, 10 Sep 2022 06:22:57 GMT
event
analytics.tiktok.com/exp/v1/ 		42 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/exp/v1/event
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b0c19a556d38fcce282f42e0c15f62bbd34cbeea30fcc4ca2ec2d3f8d645dc31

Request headers

Accept
application/json, text/plain, */*
Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-akamai-request-id
739d853a.afaa92fd
date
Sat, 10 Sep 2022 06:22:58 GMT
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
upstream-caught
1662790978118833
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
98,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=104, origin; dur=2, inner; dur=1
content-length
42
pragma
no-cache
server
nginx
x-tt-logid
2022091006225818C350F740699DBD5F13
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
2,23.220.104.8
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6ba31f183584fd498967202fffc8826073d8b41a64874d222acaf60cbe37b0552dc891236689d08ef8179c74564cc0fd55d5aa9b48e3c1c11d6ee2ab71f5c5b42bec471561e0801dc45b7cad20f955d13
expires
Sat, 10 Sep 2022 06:22:58 GMT
event
analytics.tiktok.com/exp/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/exp/v1/event
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://contratecontrole.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,Authorization
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
access-control-max-age
43200
cache-control
max-age=0, no-cache, no-store
content-type
application/octet-stream
date
Sat, 10 Sep 2022 06:22:58 GMT
expires
Sat, 10 Sep 2022 06:22:58 GMT
pragma
no-cache
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=198, origin; dur=2 inner; dur=0
upstream-caught
1662790977864233
x-akamai-request-id
5a4a8cc0.afaa8f25
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-cache-remote
TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-origin-response-time
2,23.220.104.7
x-parent-response-time
177,23.36.161.200
x-tt-logid
20220910062257733C83998DFAB1B6E28F
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6ba31f183584fd498967202fffc8826075cd3128559019717ef1ad706d471f1d74f5aa489a3cb5baa1b9f3ad986d8cd433dc8ce2a709642b847860b8136860c078ad6987edfa7b244e0a7d2fa69176907
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
platform.min.js
cdn.fanplayr.com/client/production/platform/releases/1.136.0/ 		193 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.fanplayr.com/client/production/platform/releases/1.136.0/platform.min.js
Requested by
Host: cdn.fanplayr.com
URL: http://cdn.fanplayr.com/client/production/loader.js
Protocol
HTTP/1.1
Server
13.32.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-79.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d48aa26065f58dbdee1eecdc9f990b187086b035ba25c67915205a3f775b7a41

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 02:38:36 GMT
Content-Encoding
gzip
Age
445462
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
66981
Last-Modified
Mon, 05 Sep 2022 02:38:19 GMT
Server
AmazonS3
ETag
"e8d767686464274668f2c74885df91a4"
x-amz-version-id
JfzB.LWwTKqqWRKpDXTjypYlrU8FCAJT
Via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA60-P3
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
wABuClud4iqFLhzrhqx0TPFD5SH7jeYn2mijdRMfsO1CSMpkFNy7eQ==
getPixelConfig
api.mythad.com/rest/n/adintl/ad/ 		327 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=386395864480891935
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.215.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.215.227.35.bc.googleusercontent.com
Software
/
Resource Hash
b38352fdc315c48279c10af6d1129a7f517f13db554c3813de846dc3ef693c8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
content-encoding
gzip
x-kslogid
662790978084662514
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://contratecontrole.tim.com.br
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
/
e1.fanplayr.com/external.Genius/
Redirect Chain
  • http://my.fanplayr.com/external.Genius/?callback=jQuery1111041132272948222526_1662790977838&a=init&uuid=1662790977845-d8427ce07d7a0b0d9f352df5&user=0&session=0&url=http%3A%2F%2Fcontratecontrole.tim...
  • http://e1.fanplayr.com/external.Genius/?callback=jQuery1111041132272948222526_1662790977838&a=init&uuid=1662790977845-d8427ce07d7a0b0d9f352df5&user=0&session=0&url=http%3A%2F%2Fcontratecontrole.tim...
663 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
http://e1.fanplayr.com/external.Genius/?callback=jQuery1111041132272948222526_1662790977838&a=init&uuid=1662790977845-d8427ce07d7a0b0d9f352df5&user=0&session=0&url=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&store_domain=contratecontrole.tim.com.br&tz=0&account=ecd8f4e7d01f34f44039ebf2a44fc361&store_data=shopType%3Dcustom%26pageType%3Dhome%26productPrice%3D0%26lineItemCount%3D0%26numItems%3D0%26discount%3D0%26total%3D0%26repeatCart%3Dfalse%26repeatCustomData%3D0%26custom%3D1%26version%3D3&custom_data=&invocation=0&ref=&log_only=0&browser_language=en-US&widget_language=&push=&swv=u&gacid=1554895828.1662790977&idmap=%7B%7D&adaptor=1.0.8&_=1662790977839
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
34.235.56.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-56-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f99e14af3f432d5d5530b1b9e060dea30e2a40bd7bdc57f3f1585b950c5f18b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:58 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
473
Vary
Accept-Encoding
Content-Type
application/javascript

Redirect headers

Date
Sat, 10 Sep 2022 06:22:58 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Location
http://e1.fanplayr.com/external.Genius/?callback=jQuery1111041132272948222526_1662790977838&a=init&uuid=1662790977845-d8427ce07d7a0b0d9f352df5&user=0&session=0&url=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&store_domain=contratecontrole.tim.com.br&tz=0&account=ecd8f4e7d01f34f44039ebf2a44fc361&store_data=shopType%3Dcustom%26pageType%3Dhome%26productPrice%3D0%26lineItemCount%3D0%26numItems%3D0%26discount%3D0%26total%3D0%26repeatCart%3Dfalse%26repeatCustomData%3D0%26custom%3D1%26version%3D3&custom_data=&invocation=0&ref=&log_only=0&browser_language=en-US&widget_language=&push=&swv=u&gacid=1554895828.1662790977&idmap=%7B%7D&adaptor=1.0.8&_=1662790977839
Connection
keep-alive
Content-Length
20
clarity.js
www.clarity.ms/eus2-e/s/0.6.40/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-e/s/0.6.40/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17163126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1644 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:57 GMT
content-encoding
br
etag
"1d8bd4806fdad30"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0QS0cYwAAAADWdGBFprcMToee4OIw+k0cWlJIRURHRTA2MTUANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
915363375933394
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/915363375933394?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9f31e2fce4dedf23cec6ef00d6a2f76c28e97f08809836930a3190d04d5a619
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
1zouVZVeDTFAT/Qu71T0O/G4zxgF8WIGOaHxhC8FH/NFZObNEENcTTKbKvx7lw082qL7RRqGh/57jN3QGJ0DGA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Sep 2022 06:22:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
cms.getblue.io/cm/ Frame 26B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm&&google_sc&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&google_ula=7141573074&ula=7141573074&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm=&google_sc=&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&google_ula=7141573074&ula=7141573074&goo...
  • https://cms.getblue.io/cm/?src=adx&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&ula=7141573074&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&google_gid=CAESEMNU18d...
2 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.getblue.io/cm/?src=adx&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&ula=7141573074&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&google_gid=CAESEMNU18d1XFTYl-n9dOqLdz4&google_cver=1&google_ula=7141573074,0
Requested by
Host: event.getblue.io
URL: http://event.getblue.io/p/?cId=50B276F9-E977-2327-61CBC305EF5DCAE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&v=13072020-1328&nocache=6998628530420.248
Protocol
H2
Server
52.67.55.211 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-55-211.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
x-powered-by
Express
content-length
2
content-type
application/json; charset=utf-8

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cms.getblue.io/cm/?src=adx&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&ula=7141573074&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&google_gid=CAESEMNU18d1XFTYl-n9dOqLdz4&google_cver=1&google_ula=7141573074,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 26B6 		43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=449&code=057A02E7-60BE-41E8-98C3CD206DA82DB4
Requested by
Host: event.getblue.io
URL: http://event.getblue.io/p/?cId=50B276F9-E977-2327-61CBC305EF5DCAE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&v=13072020-1328&nocache=6998628530420.248
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 06:22:58 GMT
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
502953dd-e638-40ad-8c57-3f685d6d50f5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
cms.getblue.io/cm/ Frame 26B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&appn...
  • https://cms.getblue.io/cm/?src=appnexus&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&appnexusid=8842013843892974786
2 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.getblue.io/cm/?src=appnexus&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&appnexusid=8842013843892974786
Requested by
Host: event.getblue.io
URL: http://event.getblue.io/p/?cId=50B276F9-E977-2327-61CBC305EF5DCAE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&v=13072020-1328&nocache=6998628530420.248
Protocol
H2
Server
52.67.55.211 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-55-211.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
x-powered-by
Express
content-length
2
content-type
application/json; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 06:22:58 GMT
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
55e2df38-a0a5-483d-95ff-36270273ceaa
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cms.getblue.io/cm/?src=appnexus&ckid=057A02E7-60BE-41E8-98C3CD206DA82DB4&cid=50B276F9-E977-2327-61CBC305EF5DCAE4&blueID=9758bd73-912c-48ff-a5d9-2f86c486f7f6&appnexusid=8842013843892974786
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
k.clarity.ms/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
http://contratecontrole.tim.com.br
date
Sat, 10 Sep 2022 06:22:58 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
mercurio.html
tm.uol.com.br/ Frame 236C 		197 B
689 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.uol.com.br/mercurio.html
Requested by
Host: tm.jsuol.com.br
URL: http://tm.jsuol.com.br/uoltm.js?id=wayz4j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3200:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
173
content-type
text/html;charset=UTF-8
date
Sat, 10 Sep 2022 06:22:58 GMT
etag
ba5203ce522cc70a434e9a70452ca145
expires
Sat, 10 Sep 2022 06:32:58 GMT
last-modified
Tue, 05 Jan 2021 17:11:27 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.16.6
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-cf-id
TQ03Mlist1-Cvs9jukYEdptOOCuoHHrawO7q9KPkqXDI2QsgB_RnOg==
x-amz-cf-pop
FRA56-C1
x-cache
RefreshHit from cloudfront
retar.php
vu.adschoom.com/trafic/ 		988 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vu.adschoom.com/trafic/retar.php?boutique=timcontrolebr&type=PANIER&transaction_amount=undefined&data={PRODUCTS}&currency=EUR&topfr=http://contratecontrole.tim.com.br/&topfr2=
Requested by
Host: secure.afilio.com.br
URL: https://secure.afilio.com.br/mastertag.php?progid=3290&type=basket&id_partner=timcontrolecpa&product_id1=undefined&amount=undefined&url_product=http%3A%2F%2Fcontratecontrole.tim.com.br%2F
Protocol
HTTP/1.1
Server
95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
de2cb677723b2ab3e96674453a2ce1428c1936a50979be31af259cfb1a21f345

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 06:22:58 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
close
Expires
Wed, 31 Aug 2022 08:22:58 GMT
/
smct.co/tm/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://smct.co/tm/?t=contratecontrole.tim.com.br
Requested by
Host: secure.afilio.com.br
URL: https://secure.afilio.com.br/mastertag.php?progid=3290&type=basket&id_partner=timcontrolecpa&product_id1=undefined&amount=undefined&url_product=http%3A%2F%2Fcontratecontrole.tim.com.br%2F
Protocol
HTTP/1.1
Server
52.30.226.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-226-81.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
39a7bbeda6f94283e11ff8aac0522ca4be2a5679420bebaee6cd9c91dca73b0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 10 Sep 2022 06:22:58 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=900
Connection
keep-alive
Content-Length
3452
Expires
Sat, 10 Sep 2022 06:37:58 GMT
pixel.min.js
cdn.dsspn.com/trk/v1.1/ 		1 B
161 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dsspn.com/trk/v1.1/pixel.min.js?c=d39529d9-c390-478f-bc47-8f32a175eced&e=4&n=Tim_Controle&products={products_ids}&cb=1662790978145
Requested by
Host: secure.afilio.com.br
URL: https://secure.afilio.com.br/mastertag.php?progid=3290&type=basket&id_partner=timcontrolecpa&product_id1=undefined&amount=undefined&url_product=http%3A%2F%2Fcontratecontrole.tim.com.br%2F
Protocol
HTTP/1.1
Server
34.192.69.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-69-220.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
3973e022e93220f9212c18d0d0c543ae7c309e46640da93a4a0314de999f5112

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:58 GMT
Server
awselb/2.0
Connection
keep-alive
Content-Length
1
Content-Type
text/plain; charset=utf-8
/
analytics.fatmedia.io/ 		27 B
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.fatmedia.io/
Requested by
Host: secure.afilio.com.br
URL: https://secure.afilio.com.br/mastertag.php?progid=3290&type=basket&id_partner=timcontrolecpa&product_id1=undefined&amount=undefined&url_product=http%3A%2F%2Fcontratecontrole.tim.com.br%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
8da86c40fe30d510103ee4031dd8dca52bc7311f317b4a6de4a832af1f1997b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
etag
W/"1b-8J97fFDao/j6XB1jv9q7jHISjP4"
server
Google Frontend
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
1a1c163a7ad9e449b4ea2e86b6ce0c71
content-length
27
result
analytics.tiktok.com/exp/v1/ 		2 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/exp/v1/result
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/plain, */*
Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-akamai-request-id
739d8c5a.afaa9680
date
Sat, 10 Sep 2022 06:22:58 GMT
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
upstream-caught
1662790978342248
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
101,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=14, inner; dur=6
content-length
2
pragma
no-cache
server
nginx
x-tt-logid
20220910062258CE4FE9DA1E9508C0D214
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.220.104.8
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6ba31f183584fd498967202fffc8826073d8b41a64874d222acaf60cbe37b0552fe47aeb387e52752d5fb0a3a4b1a8c3c8121fda150923c0ed0c21aed213eefcd3f0395c14e3ea8c3a646748c086467b8
expires
Sat, 10 Sep 2022 06:22:58 GMT
result
analytics.tiktok.com/exp/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/exp/v1/result
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://contratecontrole.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,Authorization
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
access-control-max-age
43200
cache-control
max-age=0, no-cache, no-store
content-type
application/octet-stream
date
Sat, 10 Sep 2022 06:22:58 GMT
expires
Sat, 10 Sep 2022 06:22:58 GMT
pragma
no-cache
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=83, origin; dur=11 inner; dur=1
upstream-caught
1662790978237610
x-akamai-request-id
45782a0e.afaa94f5
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-cache-remote
TCP_MISS from a23-221-225-157.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-origin-response-time
11,23.221.225.157
x-parent-response-time
94,23.36.161.200
x-tt-logid
20220910062258BA3E425A747EF1BC737C
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6ba31f183584fd498967202fffc882607c2c2090d33fba5dffc0fad0a062a2d9c13a527a4a1c09ecbe32cdc9f8963928bb5749d0464791cc4f809f50d4b9cbabb82d61a94001d09a4c3f5b5d26ff7bed1
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
csp.js
js.smct.io/csp/ 		0
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.smct.io/csp/csp.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:47d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id
null
last-modified
Wed, 23 Oct 2019 09:31:23 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
7486127e0e4c924f-FRA
x-amz-cf-id
iZMc1AXIpew9c897gQ2VDhlV4ccXSB62xi85JEAuyamEEyPSmw5_dQ==
retar_js.php
vu.adschoom.com/trafic/ 		8 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
http://vu.adschoom.com/trafic/retar_js.php?type=PANIER&boutique=timcontrolebr&categorie_id=&produit_id=&data={PRODUCTS}&transaction_id=0&transaction_amount=undefined&valid=1&rid_tt=&refer=http%3A//contratecontrole.tim.com.br/&refer2=&shopf=false&random=340032152
Requested by
Host: vu.adschoom.com
URL: http://vu.adschoom.com/trafic/retar.php?boutique=timcontrolebr&type=PANIER&transaction_amount=undefined&data={PRODUCTS}&currency=EUR&topfr=http://contratecontrole.tim.com.br/&topfr2=
Protocol
HTTP/1.1
Server
95.131.137.7 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
45336bf2c27960347588ebaedc466e533d74cb661ed98b7d8b45c27a54e0e596

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 06:22:58 GMT
Server
nginx
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
8
Expires
Wed, 31 Aug 2022 08:22:58 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1474425375913156&ev=PageView&dl=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&rl=&if=false&ts=1662790978234&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1662790978232.388574467&it=1662790977388&coo=false&rqm=GET
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 10 Sep 2022 06:22:58 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=915363375933394&ev=PageView&dl=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&rl=&if=false&ts=1662790978235&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1662790978232.388574467&it=1662790977388&coo=false&rqm=GET
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 10 Sep 2022 06:22:58 GMT
tag-v5.82.js
js.smct.io/t/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.smct.io/t/tag-v5.82.js
Requested by
Host: smct.co
URL: http://smct.co/tm/?t=contratecontrole.tim.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:47d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0aa8794eae4d207f8bffd02baf1c4e2f1551f252caaf6c86e06395d309183c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
341630
cf-polished
origSize=64743
cf-ray
7486127f1a2d9c04-FRA
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Dec 2021 15:33:27 GMT
server
cloudflare
etag
W/"6d929373de70394705721f34eac432f6"
vary
Accept-Encoding
x-amz-version-id
9bZhMk5yhvRYRoAMPL5RHw6KWzQRGuO6
cache-control
max-age=2678400
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
mvO0bObd5w9ZHYJwdrQ402q4RXHayTy4L0jUKA4wvzKfIolNWfrh6w==
cf-bgj
minify
lse1.0.html
smct.co/ Frame C8AD 		422 B
605 B 		Document
General
Check archive.org
Download Go to
Full URL
https://smct.co/lse1.0.html
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.82.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.226.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-226-81.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
dce009260c83128b674841cb92b03faf749468dceca09a813fdadd318c4bfbd2

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=7200, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
254
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Sep 2022 06:22:58 GMT
Expires
Sat, 10 Sep 2022 06:22:58 GMT
Last-Modified
Thu, 17 Aug 2017 09:19:04 GMT
Server
Apache
Vary
Accept-Encoding
events-1.6.0.min.js
js.smct.io/e/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.smct.io/e/events-1.6.0.min.js
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:47d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:58 GMT
via
1.1 45ac239cc562242a0c8750988292fca2.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
341634
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id
86Alo3RvPHIXLLAe0m5WQhsYLYOyKnIX
last-modified
Mon, 22 Mar 2021 13:16:37 GMT
server
cloudflare
etag
W/"a1075fa3d276bd62722dbc87d77a8e62"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-pop
SFO5-P1
cf-ray
7486127f6ab49c04-FRA
x-amz-cf-id
nSsNcoFoxYsCEqhE1u1DuxMxwO2g_AIbLC9h9JGQJc0sIpZpBbMMnA==
lse1.1.html
d2d7do8qaecbru.cloudfront.net/live/ Frame 8E03 		2 KB
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-82.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d913a3ce24c14263a5e1ce227c5d62d30eb4a5ba50b5ccf9a9c0bb555c9ffd0f

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 10 Sep 2022 06:22:59 GMT
etag
W/"1de5ff62ceb05bb85f2813d8103b063a"
last-modified
Wed, 06 Nov 2019 12:06:42 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
x-amz-cf-id
Db3lGEgeAzTjCqR_4OS_OUO-LOsLqS2wWbkTWJ8C-JhMkHj2sSTTiw==
x-amz-cf-pop
VIE50-P1
x-amz-version-id
3RRTSIWom4dpK6VxcP0BNx5_6oQ0Pvyu
x-cache
RefreshHit from cloudfront
/
cognito-identity.eu-west-1.amazonaws.com/ 		63 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:e936:6459:f314:3358 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d24ebc6f20e5873edd3fb5b4ee0b6a27f66ee6aaa31de975b0905440a9c2f930

Request headers

Referer
http://contratecontrole.tim.com.br/
X-AMZ-TARGET
AWSCognitoIdentityService.GetId
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Sat, 10 Sep 2022 06:22:58 GMT
content-type
application/x-amz-json-1.1
x-amzn-requestid
3037b51d-ad24-4560-8506-a152aa6e019b
content-length
63
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
/
cognito-identity.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:e936:6459:f314:3358 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
http://contratecontrole.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sat, 10 Sep 2022 06:22:58 GMT
x-amzn-requestid
fd6ba0f2-60bb-4789-9114-d4ad27937860
mercurio.js
tm.jsuol.com.br/modules/ Frame 236C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/mercurio.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:f200:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:56:52 GMT
content-encoding
gzip
age
1566
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
1065
access-control-allow-origin
*
last-modified
Tue, 05 Jan 2021 18:00:13 GMT
server
marrakesh 1.16.6
etag
bed0a7a707f166936e5aaac09879d050
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
4pywwt0IGUAPu4oZ-6L9HgOm9styaG9Z2qF-hUfyjeLDCwbYgG296w==
expires
Sat, 10 Sep 2022 06:56:52 GMT
/
hitbr.acstat.com/contratecontrole/ 		0
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hitbr.acstat.com/contratecontrole/?sid=a6a4fc60-5420-9589-db29-65936ca3b001&t_tid=b1062d62-0974-b9f5-b40b-ff79ceaf6baf&t_dp=&wid=&par=&ref=&t_t=&t_if=0&t_s=&ih=1200&iw=1600&if_p=&s_w=1600&s_h=1200&land=http%3A%2F%2Fcontratecontrole.tim.com.br%2F
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
177.54.158.78 , Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
game.strongerhosting.com.br
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:59 GMT
Last-Modified
Saturday, 10-Sep-2022 06:22:59 GMT
Server
nginx
Content-Type
text/plain
Access-Control-Allow-Origin
http://contratecontrole.tim.com.br
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
conversion.js
d.tailtarget.com/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d.tailtarget.com/conversion.js
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 01:06:00 GMT
Content-Encoding
gzip
Age
19018
X-GUploader-UploadID
ADPycdu5huwQE6Vmi40mFuJ67PstEdeTVj43R5rChN1CNOVmZB5v3oQG-LiCycbMtZsLSCiW0AKQJQktcuoo5zXZNk7IWg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Content-Length
6114
Last-Modified
Tue, 26 Apr 2022 18:06:37 GMT
Server
UploadServer
ETag
"6401ed812dd323a208e9e4ed7c74bb08"
x-goog-hash
crc32c=dtMtPQ==, md5=ZAHtgS3TI6II6eTtfHS7CA==
Content-Language
en
x-goog-generation
1650996397146701
Cache-Control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sun, 11 Sep 2022 01:06:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=4A4E8CB842244A50A4313A1FFE8B413A&RedC=c.clarity.ms&MXFR=2D03C072B062606002D9D269B4626E1C
  • https://c.clarity.ms/c.gif?CtsSyncId=4A4E8CB842244A50A4313A1FFE8B413A&MUID=022073F548046D471EED61EE498F6C6A
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=4A4E8CB842244A50A4313A1FFE8B413A&MUID=022073F548046D471EED61EE498F6C6A
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:58 GMT
last-modified
Wed, 17 Aug 2022 23:56:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"de363c295b2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:22:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6052CAABD8824EF58F5616153273AE34 Ref B: FRA31EDGE0222 Ref C: 2022-09-10T06:22:59Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=4A4E8CB842244A50A4313A1FFE8B413A&MUID=022073F548046D471EED61EE498F6C6A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
1e398ec7fd9404212a956f8a5143013190e58624a47482716c9e039910099844
prdredir.com/product/ Frame 3BBB 		238 B
957 B 		Document
General
Check archive.org
Download Go to
Full URL
http://prdredir.com/product/1e398ec7fd9404212a956f8a5143013190e58624a47482716c9e039910099844
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:1f54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4dc5ed73dcb8b4b8a5845fea775a603653ba742764913ec0d7e2f5cfa09ebe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
74861282981a6931-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Sep 2022 06:22:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7%2FAyS%2BuykFz07os4Gs3CQmFFm5SU%2BwuoOshEqKRyqvz3EabIVvCxo%2FAzf1pW2OLQ1MKMmNolyE9fxQX%2BmbE2Uc5c3yD1S31oNvmJbW9ZwdMXyIzI%2FKerNT37abJITD%2B3W1LdzVND%2BXm1ZA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
status
200 OK
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fba35b9e600433712aae96be2db535664e3e57dead9556de7bab4d4864549842
redirect.cdn77.cloud/product/ Frame A348 		271 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
http://redirect.cdn77.cloud/product/fba35b9e600433712aae96be2db535664e3e57dead9556de7bab4d4864549842
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:e89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3037daf525678747b44b7f083f3e7f5d3d7b10abdd58f64db298fccb47ad87d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
748612841b318fd4-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Sep 2022 06:22:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjMP1UhtOTI2oojkPiW4gTXQoN%2B4bFmEJstELZukX0BM5FbsDcaZtxoirjR5EIb4h6jahMr7sNGNnYJaqfPZWL7axL7nnIfW1hhccP45Awd9SoGaAWFcOkKU4cNNztOZGZib7VkCnR%2FoFUHWONVAZBud0g%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
status
200 OK
x-content-type-options
nosniff
x-xss-protection
1; mode=block
267792549a8e756b76d6372e89a8c6e5c1d9d0c17b0f82d1cdd2a5f40ba24a18
mediamathrdrt.com/product/ Frame 7DF8 		199 B
917 B 		Document
General
Check archive.org
Download Go to
Full URL
http://mediamathrdrt.com/product/267792549a8e756b76d6372e89a8c6e5c1d9d0c17b0f82d1cdd2a5f40ba24a18
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:2795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4c24cae2d913cd353de5a6bc1dc446a9209bebef643bd3f5d61960ea180d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
748612829e579bfe-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Sep 2022 06:22:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hdxb2drZVWxFAQs34QRDTldur9k7epARKE3fbsopwhjR8CAHh%2F3iUF%2BPiVBfGhnmV1lIySW9yO5yRVIyk8fS2v5tvQ0J4y0zHAQW4dw9134YlnmchG9UgAOdaMr7u7QBkoKnxC6E0hcYsDrVBbXyrA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
status
200 OK
x-content-type-options
nosniff
x-xss-protection
1; mode=block
21d1a36fc788258fc6b6c97f7451ed9b8acde1b3a7f0ac84ad3ee16490d0aa9c
prdredir.com/product/ Frame 4278 		238 B
946 B 		Document
General
Check archive.org
Download Go to
Full URL
http://prdredir.com/product/21d1a36fc788258fc6b6c97f7451ed9b8acde1b3a7f0ac84ad3ee16490d0aa9c
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:1f54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ec80af68c385e0dd483c196cba05b5ac533feaaa38f62c7d47a53d4dd424f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
74861282988f9097-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Sep 2022 06:22:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hie7NDPMvt9Hb50eEfhSkx8GKDY966gQYSU4UG8cSSKceTqTzffZccM6gHEbdaStw%2BCeg907n7uMG4BONQgfoDhZ4sHHAYCAnJZ5%2ByHsGCrW%2BNt0ydpK3LXlEIIqClCmmnX4zPfY5a5pbM%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
status
200 OK
x-content-type-options
nosniff
x-xss-protection
1; mode=block
23148a1a3ebd1850a1671fbb83f90ea5b9c89f95f53defdf49b8994a7d44f5c8
prdredir.com/product/ Frame 1E60 		238 B
950 B 		Document
General
Check archive.org
Download Go to
Full URL
http://prdredir.com/product/23148a1a3ebd1850a1671fbb83f90ea5b9c89f95f53defdf49b8994a7d44f5c8
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:1f54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b21811d22d3c6ac4b9035fb96b957f1a3af9be45e1d2ccd1e60809ba3d5445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
74861282ade99208-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Sep 2022 06:22:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xt4xU2WyfnUiL6p1kyie5uEMUPeQ8emA0mh3nuDNPMNxdRp%2FBBHdEyGK%2FxbvoxCOQw9w1hpTmWOIKJMcCiQZIuOte1bVQim%2BYWQz8f%2FFd8MotLIRTK6I19g0NzpV3E1SoHEjoLTP3mL7QV4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
status
200 OK
x-content-type-options
nosniff
x-xss-protection
1; mode=block
24c98a06c6178f723ce6c144b04baf9466cf800ddf3dcab6119ed77f94852097
mediamathrdrt.com/product/ Frame 66F9 		278 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
http://mediamathrdrt.com/product/24c98a06c6178f723ce6c144b04baf9466cf800ddf3dcab6119ed77f94852097
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:2795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c65f2d0440a5042436e0486c5db562a84c79256b1c8b05f46f2b6420bdb490
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
748612829fe2bb4d-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Sep 2022 06:22:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmFR778JToE5WjPQ33P3ygYlgyuR3g7j10ZeZbtD%2FMcllk9Do79SbxsMmloUan%2FbrxlpHaTeJZaJP%2BWXniOQsE0YZSBdTe1Y4SzdFUoQhX0DYvoUGk25gOzggAwt8T3%2FV119YHSIqrQYEPXfnKW2Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
status
200 OK
x-content-type-options
nosniff
x-xss-protection
1; mode=block
5d2ba714e9c383fc2b5791af6183cc2427cf66951b0f1147dd8d351ec291c70b
mediamathrdrt.com/product/ Frame B271 		227 B
955 B 		Document
General
Check archive.org
Download Go to
Full URL
http://mediamathrdrt.com/product/5d2ba714e9c383fc2b5791af6183cc2427cf66951b0f1147dd8d351ec291c70b
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:2795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9f5820c1452bc6f48d3a80f732a26888879ea241194f34cd520c13eb6f8e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
74861282ac2d9153-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Sep 2022 06:22:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6TMXHrkSo%2BN5uwfY0rjGIbeRMARnVzTl%2FihEITCWF%2By5uB4eG3SWJ09wW0D0fSEDP%2BYZP1bMQJEgW51kJQjU3%2BKA%2BFM53ctnWt%2FkfTaBv8a1Uxdzoi%2Fh12dYRYclOCZFFx%2F7wdE94b2sinSekOtKg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
status
200 OK
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fe08457a1406d01f7a6226aa566188cffb7adafebaadf8092f1909559839a111
prdredir.com/product/ Frame DF62 		240 B
946 B 		Document
General
Check archive.org
Download Go to
Full URL
http://prdredir.com/product/fe08457a1406d01f7a6226aa566188cffb7adafebaadf8092f1909559839a111
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:1f54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2139e1ab6d9c948b6c753ecc6cd83e91cbcfc4b7a41c97b4fba41bee02e09f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://contratecontrole.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
74861283592c6931-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Sep 2022 06:22:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKCLFu5ZOz5WLn2dVs95rAwJEE227Hj8nedHz5OPaS73XQz%2Fd371tvnaEA5xl9VjDoBjiOFUAeadsS%2FAU4pJMhkhtNgdR3WWWbEIlRW2EVvQtfI42Yq4pIGuJtJ%2FOgbgJg%2FDiaQF5dUlnu4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
status
200 OK
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
cognito-identity.eu-west-1.amazonaws.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:e936:6459:f314:3358 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
09357063cdfb623ca77185d566525a296b3b2fa4fba11acec7a3517ab05a302f

Request headers

Referer
http://contratecontrole.tim.com.br/
X-AMZ-TARGET
AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Sat, 10 Sep 2022 06:22:59 GMT
content-type
application/x-amz-json-1.1
x-amzn-requestid
42476ef7-3eb9-4b7a-a277-b7ee097e4e78
content-length
1776
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
/
cognito-identity.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:e936:6459:f314:3358 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
http://contratecontrole.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sat, 10 Sep 2022 06:22:58 GMT
x-amzn-requestid
63f5a31b-145d-45bf-87b3-d55cbfe78f1c
base.js
d.tailtarget.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: http://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 12:18:40 GMT
content-encoding
gzip
age
65059
x-guploader-uploadid
ADPycdvCFjqCSDQ5enyvmP-AV_ZhFdAis22DjRpa6d8H7KONaRlRGPqkMi7s59bbw36atfjaICni514XlshKzIaAVBDbAXThxCAs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Tue, 26 Apr 2022 18:06:37 GMT
server
UploadServer
etag
"c39408c14b5169b6ec7d5cc816d58e43"
x-goog-hash
crc32c=+qpsKQ==, md5=w5QIwUtRabbsfVzIFtWOQw==
content-language
en
x-goog-generation
1650996397055202
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Sep 2022 12:18:40 GMT
u
b.t.tailtarget.com/ 		77 B
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tim_controle
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
c9dce1b6fd93d1a0222b6734dd2fc2b468c8a1775ab3620fd99019da09cffa12

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
firehose.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firehose.eu-west-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.34.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-34-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Request-Method
POST
Origin
http://contratecontrole.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Encoding
gzip
Content-Length
20
Date
Sat, 10 Sep 2022 06:22:58 GMT
x-amzn-RequestId
e615e67f-7c3f-7627-bd83-c9fc140307e1
/
firehose.eu-west-1.amazonaws.com/ 		299 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firehose.eu-west-1.amazonaws.com/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.34.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-34-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
be8d0e3b29298782197f0d2cb673651cc4be1b0bbcd0f062520ac69a77360b00

Request headers

accept-language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=ASIAX2DUJRE4QKCREGR5/20220910/eu-west-1/firehose/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token;x-amz-target, Signature=5c58bf4d56ebe16098ed6f56695c3e6aaa02aea99645fc0d498c2775f75f676f
content-type
application/x-amz-json-1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer
http://contratecontrole.tim.com.br/
x-amz-target
Firehose_20150804.PutRecordBatch
x-amz-security-token
IQoJb3JpZ2luX2VjEL///////////wEaCWV1LXdlc3QtMSJHMEUCIDivxwA4br6okXf1Jvw4BxpKyNZBSqfmF6CScJIztfMOAiEAxetaQAVVHFZQgkGZgustvRljM1+PdRAmtQ3+fMQBYp4qkgYIWBADGgw1MzcxMTQ4MDY1ODUiDM95d+PydNuXoUNP/CrvBXBA3pfdDDqIyTvHDA0hs8hWZRZI9YQMZDLpllv0hOCNPAGGpCrJi2mBYvg55sabGX89y+NLCTil3JF3gjoSoyxMqTCAvfO2DUlP7ZnVrO//imGbDdRYtCedXyOjYZmeOig5mfsGtlD/h+ZaN+eS40p0tX5xVOOYBQH4Ft10wAqxEENw1+0+fU1tWKvD8J9WYtX9Xi9xSQA6VBbAF7UCLQw7wp0wUtS5fs9zGRVN4xDx5sKtzX2TunM5CiuYmvc8RTE2JFeoadfnkS5QlWyS6ot81oII9keBuGOu5RPep8QN0woRSvUMAEX7a1zOvc5o66mEbiedWrcjkvZQae0hoIFW3oBfj09F2SqZX6AWIouT/HghMU3BKjE7uCMUWhOIacw9OR2u1ok+khhvDmCTwrpk/qChHNoglLQNHvYEkGQNfQk1oU6XvS+YIZ8G+h9lgwFfeKwjqnYlU1zS80eCIxW/JDRE8gEiwKeoath9GETx6J/TSxxbBuajV/nw61o1jzWYMJs3Cho4HWGhfzG3Lztt8Mbxcb0THUF6RWV61dlLkG0Tu9wc0T114kxHRKjo1LT4hCwZFOnFSjChW3JZNKpPSqWjiGaHChz57cwWvXPgrDyfbEihgTVN9luhpxqVHoh3FgPF9pUQhhPvQaZMahWLedLPlBdk+pmN67M7MQr4S8phwugg+ztWQ7K8HJdoX/YnTzOYW4w/Rov0x/uN+YMkLxXo1wGB6vdjGRyC9CchE0TJ91ak1UxxEsygF3wcvErUk0DiWpzj0o5bPt8x/Vt3IsfpeQOsxXF4UDTZSZPcyo57qYGolG4Mxic7MRnrR57CKa4ua7IgfbPvKf/Tutx/Td/geAXqO6NmvGIVNlxN08sO5gAvCyc7RyDOTn0aJ/5DWNLKYhPWXDfVdhC8sQB1iXMZlUsvBVxw2pye7XGtlVg6qUhdibN40a/H51JZC24DS0AoFEM92gNes1fmXLZWC+rxvHDBqZu/BOZQ71Mww9rwmAY6hwK0sLHocGLUhJ/v4vHRwsLAcHh7tDWYXTekjoyVdZXvAtdW7L6L+7gbNv5CbJxpOkncL/gwzePrqLmqZM0a5nSxSBtvlwOE4Npyc/4270BKDxyHbm75C31aoq2TlvvvgsiwdDNFTqgyNQSaK+BgXRojvXNh29w9TBExER/s8bRX1rkZUq6RHObyQ1PSYieP+iTNpTKAn07YanfcPHCvFx+/MXsRMD/tjIkgZhJVyggmuNwZa3mc0/hcJok1PQ8OWFxkZz8NfnHKMhDm/OkPSqc1uoOW4y82hZIMVqS5XtAXygMaY1w2noDzNniKBrA/tmrSuMZz8shaUY8V8bTNVk4J4gGePM7KXQ==
x-amz-date
20220910T062259Z

Response headers

Date
Sat, 10 Sep 2022 06:22:59 GMT
Content-Encoding
gzip
x-amzn-RequestId
d434065b-eec8-164c-8fa2-29d886f4678a
Content-Type
application/x-amz-json-1.1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length
280
x-amz-id-2
xIQLqhe+omMoVVA1J73bnq9DYMzcLQ7nmswsF1OnC5ZjTRffe5bIucY7/A11tXamYBm+3HTXCtRb5fmD8k6aE0s90JgeBAgN
/
www.americanas.com.br/ Frame 66F9
Redirect Chain
  • https://www.awin1.com/cread.php?awinmid=22193&awinaffid=1076683&campaign=home&ued=https%3A%2F%2Fwww.americanas.com.br%2F
  • https://www.zenaps.com/rclick.php?mid=22193&c_len=1209600&c_ts=1662790979&c_cnt=1076683%7C0%7C0%7C1662790979%7C%7Caw%7C0&ir=04013700-30d1-11ed-92c9-2266c8de2152&pr=https%3A%2F%2Fwww.americanas.com....
  • https://www.americanas.com.br/?utm_medium=afiliados&utm_source=aflb2w&utm_campaign=marca:acom;midia:afiliados;formato:00;subformato:00;idcampanha:acom;franq:1076683&utm_content=22193_1662790979_24a...
0
0
/
casadeapostas.com/pt-br/ Frame 7DF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://casadeapostas.com/pt-br/?pmc=EONF
Requested by
Host: mediamathrdrt.com
URL: http://mediamathrdrt.com/product/267792549a8e756b76d6372e89a8c6e5c1d9d0c17b0f82d1cdd2a5f40ba24a18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mediamathrdrt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
country-341630
br.betano.com/myaccount/ban/ Frame 3BBB
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_8454b_888c_&affid=2441&siteid=8454&adid=888&c=
  • https://gml-grp.com/C.ashx?btag=a_8454b_888c_&affid=2441&siteid=8454&adid=888&c=&AutoR=1
  • https://br.betano.com/?btag=a_8454b_888c_&utm_medium=2441&utm_source=1&siteid=8454
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: prdredir.com
URL: http://prdredir.com/product/1e398ec7fd9404212a956f8a5143013190e58624a47482716c9e039910099844
Protocol
H2
Server
2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prdredir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date
Sat, 10 Sep 2022 06:22:59 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=31536000; includeSubDomains
location
/myaccount/ban/country-341630?siteid=14
x-farm
BR-SB20
cache-control
no-store
cf-ray
74861284abf190fe-FRA
x-xss-protection
1; mode=block
x-cacheable-status
302
sports
sports.sportingbet.de/de/ Frame B271
Redirect Chain
  • https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2030004
  • https://sports.sportingbet.com/pt-br/sports?sb=1&wm=5201073
  • https://sports.sportingbet.de/de/sports?sb=1&wm=5201073
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.sportingbet.de/de/sports?sb=1&wm=5201073
Requested by
Host: mediamathrdrt.com
URL: http://mediamathrdrt.com/product/5d2ba714e9c383fc2b5791af6183cc2427cf66951b0f1147dd8d351ec291c70b
Protocol
H2
Server
104.18.33.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mediamathrdrt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

sec-fetch-mode
no-cors
date
Sat, 10 Sep 2022 06:22:59 GMT
vary
User-Agent
accept-encoding
gzip
accept-language
de-DE,de;q=0.9
cf-visitor
{"scheme":"https"}
x-forwarded-for
81.95.5.42, 172.70.251.147
cf-cache-status
DYNAMIC
cf-connecting-ip
81.95.5.42
sec-fetch-dest
image
x-redirect-source
Redirex
x-forwarded-proto
https
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
true-client-ip
81.95.5.42
pragma
no-cache
server
cloudflare
host
sports.sportingbet.com
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
strict-transport-security
max-age=2592000
content-type
text/html; charset=utf-8
location
https://sports.sportingbet.de/de/sports?sb=1&wm=5201073
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
referer
http://mediamathrdrt.com/
sec-fetch-site
cross-site
cf-ray
74861286f9686919-FRA
cdn-loop
cloudflare
country-341630
www.betano.pt/myaccount/ban/ Frame 4278
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_8454b_936c_&affid=2441&siteid=8454&adid=936&c=
  • https://gml-grp.com/C.ashx?btag=a_8454b_936c_&affid=2441&siteid=8454&adid=936&c=&AutoR=1
  • https://www.betano.pt/landing/345399/?btag=a_8454b_936c_&utm_medium=2441&utm_source=1&siteid=8454
  • https://www.betano.pt/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betano.pt/myaccount/ban/country-341630?siteid=14
Requested by
Host: prdredir.com
URL: http://prdredir.com/product/21d1a36fc788258fc6b6c97f7451ed9b8acde1b3a7f0ac84ad3ee16490d0aa9c
Protocol
H2
Server
2606:4700::6811:2d1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prdredir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date
Sat, 10 Sep 2022 06:22:59 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=31536000; includeSubDomains
location
/myaccount/ban/country-341630?siteid=14
x-applicationtype
dotnetcore
x-farm
PT-SB05
cache-control
no-store
cf-ray
74861284a9639170-FRA
content-length
0
x-xss-protection
1; mode=block
/
www.betano.de/ Frame 1E60
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_8454b_817c_&affid=2441&siteid=8454&adid=817&c=
  • https://gml-grp.com/C.ashx?btag=a_8454b_817c_&affid=2441&siteid=8454&adid=817&c=&AutoR=1
  • https://www.betano.de/?btag=a_8454b_817c_&utm_medium=2441&utm_source=1&siteid=8454
  • https://www.betano.de/?utm_medium=2441&utm_source=1&siteid=8454
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betano.de/?utm_medium=2441&utm_source=1&siteid=8454
Requested by
Host: prdredir.com
URL: http://prdredir.com/product/23148a1a3ebd1850a1671fbb83f90ea5b9c89f95f53defdf49b8994a7d44f5c8
Protocol
H2
Server
2606:4700:4400::6812:2337 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prdredir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date
Sat, 10 Sep 2022 06:22:59 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=31536000; includeSubDomains
location
/?utm_medium=2441&utm_source=1&siteid=8454
x-farm
DE-SB05
cache-control
no-store
cf-ray
74861284aefd5ba4-FRA
content-length
0
x-xss-protection
1; mode=block
x-cacheable-status
302
collect
k.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
http://contratecontrole.tim.com.br
date
Sat, 10 Sep 2022 06:22:59 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
country-341630
cl.betano.com/myaccount/ban/ Frame DF62
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_8454b_1218c_&affid=2441&siteid=8454&adid=1218&c=
  • https://gml-grp.com/C.ashx?btag=a_8454b_1218c_&affid=2441&siteid=8454&adid=1218&c=&AutoR=1
  • https://cl.betano.com/?btag=a_8454b_1218c_&utm_medium=2441&utm_source=1&siteid=8454
  • https://cl.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cl.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: prdredir.com
URL: http://prdredir.com/product/fe08457a1406d01f7a6226aa566188cffb7adafebaadf8092f1909559839a111
Protocol
H2
Server
2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prdredir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date
Sat, 10 Sep 2022 06:22:59 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=31536000; includeSubDomains
location
/myaccount/ban/country-341630?siteid=14
x-farm
CL-SB04
cache-control
no-store
cf-ray
74861284cc0990fe-FRA
content-length
0
x-xss-protection
1; mode=block
x-cacheable-status
302
/
eum-orange-saas.instana.io/ 		0
130 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-orange-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.4.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.4.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 10 Sep 2022 06:22:59 GMT
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
b
b.t.tailtarget.com/ 		153 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-9892-2&tY=1&tS=2&tU=0100007F432D1C63A10693A202D14F0C&tX=b.52&tZ=676625751&env=_ttq_tim_controle
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
4831ffdf3b5f92630c3f3f50996e83fec95f570023c396f5c8c3f5eed05ae4c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.investing.com/ Frame 5E78
Redirect Chain
  • https://trkmad.com/1983494/
  • https://www.investing.com/
716 KB
144 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.investing.com/
Requested by
Host: redirect.cdn77.cloud
URL: http://redirect.cdn77.cloud/product/fba35b9e600433712aae96be2db535664e3e57dead9556de7bab4d4864549842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fea69588c88b1a3f9a1b2055f4f9844d0a358067e63d53abca17de37d31d12d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content

Request headers

Referer
http://redirect.cdn77.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7486128579e5918c-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests; block-all-mixed-content
content-security-policy-report-only
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://rbmeuulvihtwm2eltjhwimi2.httpschecker.net/report
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
cross-origin
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:22:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent
x-cache-status
BYPASS

Redirect headers

content-length
0
date
Sat, 10 Sep 2022 06:22:59 GMT
location
https://www.investing.com/
strict-transport-security
max-age=63072000; includeSubdomains; preload
ca
tt-9892-2.seg.t.tailtarget.com/ 		83 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-9892-2.seg.t.tailtarget.com/ca?tZ=481173847&env=_ttq_tim_controle
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
58269952ef931bd373f973ae9b9e8d3fedfa353e093074ecf7f1e88607d90f8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5E78 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28684
x-xss-protection
0
server
sffe
etag
"1329 / 265 of 1000 / last-modified: 1662761167"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 10 Sep 2022 06:22:59 GMT
tcf.stub.js
cdn.cookielaw.org/consent/ Frame 5E78 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/tcf.stub.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wWRR1dd+iePr7uQuaw5L+w==
age
514
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 08 Sep 2022 06:34:54 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2144766f-201e-0063-085d-c39ec3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
748612874f816964-FRA
expires
Sat, 10 Sep 2022 10:22:59 GMT
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ Frame 5E78 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
12604
x-ms-lease-status
unlocked
last-modified
Fri, 09 Sep 2022 01:27:32 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6c9c788f-a01e-0034-18f7-c30b85000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
748612875f525b50-FRA
expires
Sat, 10 Sep 2022 10:22:59 GMT
protectedMedia.js
i-invdn-com.investing.com/js/ Frame 5E78 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/protectedMedia.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a71adadf670850c5a3082e27e8c3e749f0413693ebdb14c49325a5350cd29af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
last-modified
Mon, 14 Dec 2020 13:42:22 GMT
server
cloudflare
age
74742
vary
Accept-Encoding
content-type
text/javascript
x-timestamp
1607953341.98582
cache-control
public, max-age=536685
cf-ray
748612873bd1918c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx884f438ec4174fa48aee1-00628260b5dfw1
expires
Fri, 16 Sep 2022 11:27:44 GMT
mainOldMin_v3b.css
i-invdn-com.investing.com/css/ Frame 5E78 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/css/mainOldMin_v3b.css
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ea1e0c263c782515344bc3d6777b260c0e2b2c9404c154483cd3937dc2f13a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
age
74455
cf-polished
origSize=40636
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txc69e15b4ec43415f852d1-006281fa4cdfw1
last-modified
Wed, 18 Jan 2017 10:08:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-timestamp
1484734113.45306
cache-control
public, max-age=510420
cf-ray
748612873bc8918c-FRA
expires
Fri, 16 Sep 2022 04:09:59 GMT
newMainCssMin_v79f.css
i-invdn-com.investing.com/css/ Frame 5E78 		968 KB
211 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846fb6b9943aab69d695459a239b058454fd907d7883086b78d22208240aca06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
age
78258
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txdf7e534c3978466aabbda-0063146280dfw1
last-modified
Thu, 01 Sep 2022 14:07:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-timestamp
1662041235.93818
cache-control
public, max-age=604749
cf-ray
748612873bc5918c-FRA
expires
Sat, 17 Sep 2022 06:22:08 GMT
client
accounts.google.com/gsi/ Frame 5E78 		186 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de88b59ebc04d71fcaed2f497c39da1e3acb1a4a7c217dd632c41310f565b4e5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-yaAC4hI2yOuwLY7rS_Pl7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-yaAC4hI2yOuwLY7rS_Pl7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 10 Sep 2022 06:22:59 GMT
jquery-6.4.9.04.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		346 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/jquery-6.4.9.04.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d982b888f5002f4b75035abff99147fa1f0603b583104d6e11dbe393cda08896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Feb 2018 15:15:42 GMT
server
cloudflare
age
74573
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1517843741.97866
cache-control
public, max-age=425686
cf-ray
748612873bca918c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txd705ced4bfb44a438c079-006280aeffdfw1
expires
Thu, 15 Sep 2022 04:37:45 GMT
notifications-1.03.min.js
i-invdn-com.investing.com/js/n/ Frame 5E78 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/n/notifications-1.03.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e817bcf7b6b96a3581a9b209e9d79660e4ee2e301865bb3e4c407456694c01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
age
77374
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Ruks5eG1Xy48Lk8ViUEMF3F5RM2QzyB1bh57TX.5nmg-1662790979-0-ASGT6doG29e6V3VLHxWBv8WF_t2g8EekgqHN4kOdruNhSkoI2yFNubwGgruDOHP2s-q6zHdhIWRGFwSXeIOZXeDczDOKBpKzaufc5fLn2Ipl; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx54a0fcbafdd64d3595286-006305e6b1dfw1
last-modified
Wed, 24 Aug 2022 08:42:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Ruks5eG1Xy48Lk8ViUEMF3F5RM2QzyB1bh57TX.5nmg-1662790979-0-ASGT6doG29e6V3VLHxWBv8WF_t2g8EekgqHN4kOdruNhSkoI2yFNubwGgruDOHP2s-q6zHdhIWRGFwSXeIOZXeDczDOKBpKzaufc5fLn2Ipl"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1661330542.33443
cache-control
public, max-age=604770
cf-ray
748612873bc9918c-FRA
expires
Sat, 17 Sep 2022 06:22:29 GMT
lazysizes.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/lazysizes.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b8714eb5a412ab0bece0bef0fcd9553a38cd0bead58a752e346d6779051373

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
last-modified
Tue, 21 Jan 2020 09:58:33 GMT
server
cloudflare
age
73983
vary
Accept-Encoding
content-type
text/javascript
x-timestamp
1579600712.82561
cache-control
public, max-age=46986
cf-ray
7486128808859193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx1607b776eb034393b3139-00627ae7dcdfw1
expires
Sat, 10 Sep 2022 19:26:05 GMT
utils-0.16.min.js
i-invdn-com.investing.com/js/n/ Frame 5E78 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/n/utils-0.16.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d941c3169786042009a53272250a6fad837d2efd07b00595c5cd6d9b13291c0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jun 2018 15:24:08 GMT
server
cloudflare
age
74455
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1530199447.22964
cache-control
public, max-age=396253
cf-ray
748612873bce918c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txff2e164f454d4261868fb-0062803c1bdfw1
expires
Wed, 14 Sep 2022 20:27:12 GMT
main-1.17.323.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		407 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/main-1.17.323.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf59e3b34d7f5749ef3c1786bb395d738491563a49fb7c754db78c4e2d314828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 04 Sep 2022 09:31:57 GMT
server
cloudflare
age
80440
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1662283916.70206
cache-control
public, max-age=265778
cf-ray
748612873bcd918c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx798c96dbfd894ebb93e63-006314753cdfw1
expires
Tue, 13 Sep 2022 08:12:37 GMT
carousel-2.11.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/carousel-2.11.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce8e782639e6b882d0fb171a03f581ea115c982f7a0319388fd9a4004332933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2017 12:42:56 GMT
server
cloudflare
age
72470
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1509626575.80290
cache-control
public, max-age=538163
cf-ray
748612873bcc918c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx0164db598f7947ff9fb20-0062826687dfw1
expires
Fri, 16 Sep 2022 11:52:22 GMT
investing-com-logo-2022.png
i-invdn-com.investing.com/logos/ Frame 5E78 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/logos/investing-com-logo-2022.png
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc98b58c04f2c09b679e319f09ad511ab310e3052fca4500374b366c9c3351e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
45509
cf-polished
origFmt=png, origSize=11132
content-length
4538
content-disposition
inline; filename="investing-com-logo-2022.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx2dde9941cf7f4abd841eb-0063086eb7dfw1
expires
Wed, 14 Sep 2022 09:37:43 GMT
last-modified
Wed, 12 Jan 2022 12:34:02 GMT
server
cloudflare
etag
3d27fb7046c538a0dfa2b11bcde7e73f
vary
Accept
content-type
image/webp
x-timestamp
1641990841.33494
cache-control
public, max-age=357284
accept-ranges
bytes
cf-ray
7486128808869193-FRA
cf-bgj
imgq:100,h2pri
d01b563261bcf223986f7ac222680343.jpg
d1-invdn-com.investing.com/company_logo/ Frame 5E78 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1-invdn-com.investing.com/company_logo/d01b563261bcf223986f7ac222680343.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2195c17ea2fa6e190856efb1af0f4b16feea864bff4029a0bd9b35415106ac79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
tx47703ad6b6284bf29a337-00631569dbdfw1
age
1573
cf-polished
origFmt=jpeg, origSize=70875
content-disposition
inline; filename="d01b563261bcf223986f7ac222680343.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
expires
Sat, 10 Sep 2022 13:44:40 GMT
last-modified
Thu, 02 Nov 2017 10:58:13 GMT
server
cloudflare
etag
4bc87d4583e9577cecce5b42f31497ce
vary
Accept
content-type
image/webp
x-timestamp
1509620292.02247
cache-control
public, max-age=26501
accept-ranges
bytes
cf-ray
748612881cdb918c-FRA
cf-bgj
imgq:100,h2pri
InvestingProShield.svg
i-invdn-com.investing.com/ Frame 5E78 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/InvestingProShield.svg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba71b7e5de25323aad0c61c8f6c811667394aaaf6b5680a1b709c6c878633aa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
74522
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=lJ88ftLfnEhIazqElFCQBaWT29UTPgFoq_B2PXiZ.W0-1662790979-0-AUytbd1zrcn08mpRYVZUK6oWxZmtykV-C4vJP2a-jU_6NJoau_21wdNkfp_VAJ03NqnSUV5st3bt0HPiHsYo5LwVSMHYGXH4K--Z39_mo97M; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx656b6332982345bda6ed5-006280fb98dfw1
last-modified
Wed, 29 Sep 2021 23:10:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=lJ88ftLfnEhIazqElFCQBaWT29UTPgFoq_B2PXiZ.W0-1662790979-0-AUytbd1zrcn08mpRYVZUK6oWxZmtykV-C4vJP2a-jU_6NJoau_21wdNkfp_VAJ03NqnSUV5st3bt0HPiHsYo5LwVSMHYGXH4K--Z39_mo97M"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/svg+xml
x-timestamp
1632957002.41568
cache-control
public, max-age=445180
cf-ray
7486128808879193-FRA
expires
Thu, 15 Sep 2022 10:02:39 GMT
InvestingProWhiteText.svg
i-invdn-com.investing.com/ Frame 5E78 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/InvestingProWhiteText.svg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aef59d838b02fc9e6900ac119db25a74d2e193b99672091970bd401a3cbbdbd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
last-modified
Fri, 05 Nov 2021 14:12:12 GMT
server
cloudflare
age
74249
vary
Accept-Encoding
content-type
image/svg+xml
x-timestamp
1636121531.46085
cache-control
public, max-age=573259
cf-ray
7486128808899193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx0c7848372c7a4cd19b6ef-00627a7a6adfw1
expires
Fri, 16 Sep 2022 21:37:18 GMT
InvestingProBlackText.svg
i-invdn-com.investing.com/ Frame 5E78 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/InvestingProBlackText.svg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b282e0322b1d4cba75cb8c8c86ca0582b02f10fece097fcdf87cb229d985a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
last-modified
Wed, 29 Sep 2021 23:10:03 GMT
server
cloudflare
age
74591
vary
Accept-Encoding
content-type
image/svg+xml
x-timestamp
1632957002.30896
cache-control
public, max-age=604800
cf-ray
74861288088a9193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx16a9490935104a1092ea5-0062836adcdfw1
expires
Sat, 17 Sep 2022 06:22:59 GMT
b2s_InvestingPro+_LOGO.svg
i-invdn-com.investing.com/header_images/ Frame 5E78 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/header_images/b2s_InvestingPro+_LOGO.svg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5efc12eec84925b1864f406403d15b7de10c0a9dad7f666d03c955cfdca9aa8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
70046
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=N0hzTEqX4lb20_Uq0ufsEA8WZwA9pPjyoaZRRs12MOo-1662790979-0-AWUbkAld6Vgi4NKOSLrhu-dbR4AffrqPdM4TbfepjdlkOQfauDejhYjTFwg5JedUkC-n3i19LKy-YLA_H-bmIEvdKPpsz87Zi09XmfSl0AlP; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txacf6d270eabd4eeea1389-00631483fbdfw1
last-modified
Wed, 31 Aug 2022 10:07:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=N0hzTEqX4lb20_Uq0ufsEA8WZwA9pPjyoaZRRs12MOo-1662790979-0-AWUbkAld6Vgi4NKOSLrhu-dbR4AffrqPdM4TbfepjdlkOQfauDejhYjTFwg5JedUkC-n3i19LKy-YLA_H-bmIEvdKPpsz87Zi09XmfSl0AlP"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/svg+xml
x-timestamp
1661940438.45026
cache-control
public, max-age=604743
cf-ray
74861288088b9193-FRA
expires
Sat, 17 Sep 2022 06:22:02 GMT
close-dark.png
i-invdn-com.investing.com/images/adfree/ Frame 5E78 		180 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/images/adfree/close-dark.png
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d578529f34534236f8ac51482d097bbb41d936d917e6ebf1138aa535f62abc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
47818
cf-polished
origFmt=png, origSize=428
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=SilxtLp5w4mK1RE45.zlOWSax3C0EgX2K.2BFBAV5Pg-1662790979-0-AaizH4IByMqOCuD6Isi_h8cxL-UFinM6jD79252UOSifYONBIpB_JRAhGA115ZNb327-w-47Bdvert_1PGsLV6U0CUcztg-5yfEoLaIbs1Vq; report-to cf-csp-endpoint
content-length
180
content-disposition
inline; filename="close-dark.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx595f6fb203fe408db40fb-006304bb10dfw1
expires
Sun, 11 Sep 2022 07:33:41 GMT
last-modified
Sun, 22 Nov 2020 15:43:51 GMT
server
cloudflare
etag
ac496835f94f0b3c675c4983f4b33c69
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=SilxtLp5w4mK1RE45.zlOWSax3C0EgX2K.2BFBAV5Pg-1662790979-0-AaizH4IByMqOCuD6Isi_h8cxL-UFinM6jD79252UOSifYONBIpB_JRAhGA115ZNb327-w-47Bdvert_1PGsLV6U0CUcztg-5yfEoLaIbs1Vq"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
x-timestamp
1606059830.92428
cache-control
public, max-age=90642
accept-ranges
bytes
cf-ray
74861288088d9193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI880WH_L.jpg
i-invdn-com.investing.com/trkd-images/ Frame 5E78 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/trkd-images/LYNXMPEI880WH_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9605b0fbf08648927581f768fca769d766b83573efaa31bd3866f543b79d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
tx605bbbf54f4b47db93fda-00631b8c82dfw1
age
41129
cf-polished
origSize=100686, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
91468
expires
Sat, 17 Sep 2022 06:22:35 GMT
last-modified
Fri, 09 Sep 2022 18:56:51 GMT
server
cloudflare
etag
7b61a1a006bf91ca0361dd3342503f6d
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662749810.19273
cache-control
public, max-age=604776
accept-ranges
bytes
cf-ray
748612873bcf918c-FRA
cf-bgj
imgq:100,h2pri
v_263839_cryptoIcon10.css
i-invdn-com.investing.com/crypto_icons/ Frame 5E78 		600 B
567 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/crypto_icons/v_263839_cryptoIcon10.css
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e53b9a5f1e0445a5a313df0680dd0236e9b138b022dcf48f59c5b67b75362fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
age
64099
cf-polished
origSize=704
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txb9b12767c8c74ba2bd643-0063173e0adfw1
last-modified
Tue, 06 Sep 2022 12:32:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-timestamp
1662467532.02191
cache-control
public, max-age=604708
cf-ray
74861287d83f9193-FRA
expires
Sat, 17 Sep 2022 06:21:27 GMT
607_636x475_Landscape_1662630425.jpg
i-invdn-com.investing.com/comics/ Frame 5E78 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/comics/607_636x475_Landscape_1662630425.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01db95cd773c50d06c815ca81e6dd37ba0af6412a9faa72bef37df1aabad583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
txbf4bf221815041f58d59f-00631bb771dfw1
age
30162
cf-polished
origSize=89004, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82196
expires
Sat, 17 Sep 2022 06:22:59 GMT
last-modified
Thu, 08 Sep 2022 09:47:09 GMT
server
cloudflare
etag
bc43efb3ecbd49fea70466dc17b638a7
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662630428.13355
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74861288088e9193-FRA
cf-bgj
imgq:100,h2pri
outbrain.js
widgets.outbrain.com/ Frame 5E78 		207 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23b61cb6d6b15a445c639de815c94bdb15de52b795761506ade126c48246e379

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 11:46:38 GMT
etag
"15-PPUOYZSmHbEFePYJa5dief3gkv4"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
927b850881626a1f0ecebe5a29298f1
timing-allow-origin
*, *
content-length
72871
jquery.scroll.0.js
i-invdn-com.investing.com/js/ Frame 5E78 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/jquery.scroll.0.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e11c9ba665c426a4b9f5dd0d77146fcd1f8406f4c89af35345b24e8e9c89ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
last-modified
Sun, 29 Oct 2017 08:31:13 GMT
server
cloudflare
age
74415
vary
Accept-Encoding
content-type
application/javascript
x-timestamp
1509265872.68797
cache-control
public, max-age=478442
cf-ray
74861287d83d9193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txf265ce9b41854385ae61f-006278c7ecdfw1
expires
Thu, 15 Sep 2022 19:17:01 GMT
consent-manager-1.06.min.js
i-invdn-com.investing.com/js/n/ Frame 5E78 		381 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/n/consent-manager-1.06.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848850f3045556cd545bb7dab99c180b0adc65757ac600e4b042ea45cb463dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Aug 2020 07:59:52 GMT
server
cloudflare
age
74612
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1597391991.60398
cache-control
public, max-age=122119
cf-ray
74861287f8679193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx59d11b7fc9624197970c9-00627c0db8dfw1
expires
Sun, 11 Sep 2022 16:18:18 GMT
search-bar-2.0-1.18.min.js
i-invdn-com.investing.com/js/n/ Frame 5E78 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/n/search-bar-2.0-1.18.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eae6f8358af068fbf0fd78d705c567f3a69c0e251e95044dba07813c5989c8ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Dec 2018 12:53:04 GMT
server
cloudflare
age
74769
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1545828783.29602
cache-control
public, max-age=36711
cf-ray
7486128808799193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx843eaf1a8a6a47fb8eea3-00627abfc0dfw1
expires
Sat, 10 Sep 2022 16:34:50 GMT
crypto-socket-1.02.min.js
i-invdn-com.investing.com/js/n/ Frame 5E78 		904 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/n/crypto-socket-1.02.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1504c2271c397b6953cea3b475e942d0e2e26b92db798028c8397193aa5c6d0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Aug 2018 06:22:14 GMT
server
cloudflare
age
73574
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1534659733.36924
cache-control
public, max-age=172103
cf-ray
74861288087b9193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx4dec73beed1f49a793052-00627cd090dfw1
expires
Mon, 12 Sep 2022 06:11:22 GMT
ec-2.38.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/ec-2.38.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63bc363c465a7f0ecfaef1802fc10a7e451dce463111895867af13c590a69107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Jun 2018 08:36:51 GMT
server
cloudflare
age
73151
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1528792610.03349
cache-control
public, max-age=367821
cf-ray
74861288087d9193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx60e83c2221354469b6e5b-00627fcd24dfw1
expires
Wed, 14 Sep 2022 12:33:20 GMT
stockScreener-2.52.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/stockScreener-2.52.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4351f3bcd7fdf81542f805a7e63d3bbc470363e828d1a65d9e419a2dd4f498cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Aug 2021 12:55:11 GMT
server
cloudflare
age
72369
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1628686510.29416
cache-control
public, max-age=451119
cf-ray
74861288087f9193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx05dc3d1756d94be2ab48b-00628112bddfw1
expires
Thu, 15 Sep 2022 11:41:38 GMT
crypto-filter-box-1.10.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/crypto-filter-box-1.10.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a70c7b1e4e92bf57916121648db1c0598f4161cb412041275bcf32b7e3ea06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Feb 2019 09:40:58 GMT
server
cloudflare
age
73129
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1550482857.11633
cache-control
public, max-age=327279
cf-ray
7486128808809193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txe91d47e0f71140fe9b3a6-00627f2edcdfw1
expires
Wed, 14 Sep 2022 01:17:38 GMT
core-highcharts-1.02.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		212 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/core-highcharts-1.02.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a389cdb91b7b65a113ed24192360d6ea286ea74719d2839eef4530105ece7e7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Jul 2018 07:38:38 GMT
server
cloudflare
age
74458
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1531121917.88389
cache-control
public, max-age=138054
cf-ray
7486128808829193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx8f6e66eaefe2417aa7a1b-00627c4bafdfw1
expires
Sun, 11 Sep 2022 20:43:53 GMT
jscharts-8.1.18.min.js
i-invdn-com.investing.com/js/ Frame 5E78 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/js/jscharts-8.1.18.min.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6748ddde5b2db6150d4031d007d6bde779f62bf30fdafa33794b7fa0fa0b02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 15 Aug 2021 11:33:30 GMT
server
cloudflare
age
74415
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1629027209.43889
cache-control
public, max-age=198254
cf-ray
7486128808849193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx27274384404f427fb9880-00627d36b3dfw1
expires
Mon, 12 Sep 2022 13:27:13 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5E78 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:09:30 GMT
x-content-type-options
nosniff
age
809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 06:24:30 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 5E78 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.investing.com/
Origin
https://www.investing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
748612882e7c9296-FRA
seg
secure.adnxs.com/ Frame 5E78 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?t=2&add=19833489
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 06:22:59 GMT
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8d0b4ea4-aaa9-492f-9994-7e4d14cd8459
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1474425375913156&ev=Microdata&dl=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&rl=&if=false&ts=1662790979736&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TIM%20CONTROLE%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.2.1662790978232.388574467&it=1662790977388&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sat, 10 Sep 2022 06:22:59 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=915363375933394&ev=Microdata&dl=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&rl=&if=false&ts=1662790979739&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TIM%20CONTROLE%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.2.1662790978232.388574467&it=1662790977388&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sat, 10 Sep 2022 06:22:59 GMT
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9892-2&tE=0&tF=&tI=_erlangen_bavaria_de_1662790979343_1365181738&tJ=&tU=0100007F432D1C63A10693A202D14F0C&tX=b.52&tY=1&tZ=773201510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
265d5ac2-7d0c-4675-bf4d-421a61fb482e.json
cookie-cdn.cookiepro.com/consent/265d5ac2-7d0c-4675-bf4d-421a61fb482e/ Frame 5E78 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/265d5ac2-7d0c-4675-bf4d-421a61fb482e/265d5ac2-7d0c-4675-bf4d-421a61fb482e.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d00f1419e9d1d49f6f376ac16c3bd9f42a1f5bdf25d0843e33f2b3e41b8c659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
KGbDxWKUkc4Gc5zHroZRpw==
age
8937
x-ms-lease-status
unlocked
last-modified
Sun, 21 Aug 2022 07:02:09 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
98865013-801e-00a5-5732-b56e37000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74861287aa8b9124-FRA
cors
rt.ad-score.com/v2/score/ Frame 5E78 		53 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/v2/score/cors?s=1&callback=PMRT&cb=0.9655167328811343&pid=1000745&tid=www.investing.com&l1=undef&l2=undef&l3=undef&l4=undef&l5=undef&l6=undef&uid=pmu-6oOQB5Hpv9Z7UFjRZ19CZpAvvGCq
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/js/protectedMedia.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
8a5eb0a23bb6e5a6b664cdcfcab1964cce731413a2ee52d4782e4c6b2f8b79f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 06:23:00 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.investing.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
53
droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ Frame 5E78 		1 KB
468 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i-invdn-com.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 10 Sep 2022 06:22:59 GMT
printContent_v10.css
i-invdn-com.investing.com/css/ Frame 5E78 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i-invdn-com.investing.com/css/printContent_v10.css
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49835fbd429072ee65cb5341d2cf4c3cbecde9f157f1c4d1373b18f4cbda82e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
74488
cf-polished
origSize=6991
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx3ad817ed9ce64117b1ced-0062824c41dfw1
last-modified
Sun, 09 Jul 2017 09:08:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-timestamp
1499591316.87339
cache-control
public, max-age=531370
cf-ray
74861288088f9193-FRA
expires
Fri, 16 Sep 2022 09:59:09 GMT
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ Frame 5E78 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Sep 2023 05:43:31 GMT
platform.js
apis.google.com/js/ Frame 5E78 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js?onload=loadAfterGApiReady
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0403652d2b50c5b8a56e34d591453c95b36768604f59ac58e74e53fd00ed504a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20370
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Sat, 10 Sep 2022 06:22:59 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"0c274bdc942f708e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 06:22:59 GMT
obtp.js
amplify.outbrain.com/cp/ Frame 5E78 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:22:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 14:06:31 GMT
Server
AkamaiNetStorage
ETag
"51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3249
Expires
Sat, 10 Sep 2022 06:42:59 GMT
gtm.js
www.googletagmanager.com/ Frame 5E78 		220 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PGT3R3D&l=dataLayerGTMParams
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa107458d2ccfc7cd362c7ea3110911fe7bf2e87e1ab141f180473d6a98948b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71588
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Sep 2022 06:22:59 GMT
analytics.js
www.google-analytics.com/ Frame 5E78 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4859
date
Sat, 10 Sep 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 10 Sep 2022 07:02:00 GMT
newSiteIconsSprite_v42j.png
i-invdn-com.investing.com/ Frame 5E78 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/newSiteIconsSprite_v42j.png
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8b2b510fd62c319d3c95ffc8e037e23c2865ffba7919331d34c5260dfd1a78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
age
46319
cf-polished
origFmt=png, origSize=214990
content-length
147086
content-disposition
inline; filename="newSiteIconsSprite_v42j.webp"
expires
Mon, 12 Sep 2022 20:58:34 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx025c4c13e73f4b85a8150-0063145c87dfw1
x-object-meta-cb-modifiedtime
Wed, 22 Apr 2020 13:09:01 GMT
last-modified
Wed, 22 Apr 2020 13:09:18 GMT
server
cloudflare
etag
162cc749148175e4f9ae3f655801a806
vary
Accept
content-type
image/webp
x-timestamp
1587560957.77826
cache-control
public, max-age=225335
accept-ranges
bytes
cf-ray
7486128808909193-FRA
cf-bgj
imgq:100,h2pri
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 5E78 		153 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.investing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
748612884901996e-FRA
access-control-allow-headers
Content-Type
ce_flags_v25.png
i-invdn-com.investing.com/ Frame 5E78 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/ce_flags_v25.png
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd095c24c35d71096971dcb92cdaaffb0bf65a999f7df55b9784ed9e6d0d50ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
47818
cf-polished
origFmt=png, origSize=177561
content-length
129648
content-disposition
inline; filename="ce_flags_v25.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx36b24a2979104af69e057-0063197421dfw1
expires
Fri, 16 Sep 2022 18:05:37 GMT
last-modified
Thu, 20 Sep 2018 08:47:21 GMT
server
cloudflare
etag
aac0a37e367b3a43860a748393bedf8c
vary
Accept
content-type
image/webp
x-timestamp
1537433240.61376
cache-control
public, max-age=560558
accept-ranges
bytes
cf-ray
7486128818989193-FRA
cf-bgj
imgq:100,h2pri
b2s_Strip_BG.png
i-invdn-com.investing.com/header_images/ Frame 5E78 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/header_images/b2s_Strip_BG.png
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97809d49d550c21e726b09be8f094442d8730de6b3605f51657322f8d3d07e66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
13089
cf-polished
origFmt=png, origSize=24677
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Xenl0T_E4ys9q9YUg.OWWSDVydjw8odBWoa_0gxxRAY-1662790979-0-AUatU9SdA1u07gjcSmULn1AWPSOdk1QzeCKx-xFDeTxFEPxmSGIlNeonMfVyJjAdwuWTGh4_j22lrMt2Ou3E-I_IFTHdwPO04uA_XNyYlnk2; report-to cf-csp-endpoint
content-length
17530
content-disposition
inline; filename="b2s_Strip_BG.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx340381ca1942471aa7ed2-00631462a8dfw1
expires
Mon, 12 Sep 2022 12:12:07 GMT
last-modified
Wed, 31 Aug 2022 10:07:19 GMT
server
cloudflare
etag
d4d116c8897937e5b00990f0e33c6d08
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Xenl0T_E4ys9q9YUg.OWWSDVydjw8odBWoa_0gxxRAY-1662790979-0-AUatU9SdA1u07gjcSmULn1AWPSOdk1QzeCKx-xFDeTxFEPxmSGIlNeonMfVyJjAdwuWTGh4_j22lrMt2Ou3E-I_IFTHdwPO04uA_XNyYlnk2"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
x-timestamp
1661940438.47709
cache-control
public, max-age=193748
accept-ranges
bytes
cf-ray
7486128818999193-FRA
cf-bgj
imgq:100,h2pri
b2s_P+.svg
i-invdn-com.investing.com/header_images/ Frame 5E78 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/header_images/b2s_P+.svg
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
960872c0480d034c2cb29dfcff6aed996857812f5bff51433882be5ed8329ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
73189
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=wFovkme.qhV07zwa3SUH4qmuyzhH6PszxvFyx_st2OU-1662790979-0-AbEw68XXT42VX2rKqggSRlkk8WSQ8-yIUiY2zkrYi2YOVkZ3oTX8jYR0nqcWpY1o-eEDoG1dzI733eelOiwhaRwBTm43bGtFeMlUaFmEzwfN; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx8892e6512b294acab0f3a-00631462a8dfw1
last-modified
Wed, 31 Aug 2022 10:07:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=wFovkme.qhV07zwa3SUH4qmuyzhH6PszxvFyx_st2OU-1662790979-0-AbEw68XXT42VX2rKqggSRlkk8WSQ8-yIUiY2zkrYi2YOVkZ3oTX8jYR0nqcWpY1o-eEDoG1dzI733eelOiwhaRwBTm43bGtFeMlUaFmEzwfN"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/svg+xml
x-timestamp
1661940438.46680
cache-control
public, max-age=604782
cf-ray
74861288189c9193-FRA
expires
Sat, 17 Sep 2022 06:22:41 GMT
LYNXMPEI880WH_L.jpg
i-invdn-com.investing.com/news/external-images-thumbnails/ Frame 5E78 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/news/external-images-thumbnails/LYNXMPEI880WH_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff27129ffea7830b0d143c31815d7a14c9eaddf82a10ad6579acdd7d679fbbc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
tx428185b1916e4e9d9ea84-00631b8c82dfw1
age
41127
cf-polished
origSize=8776, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8086
expires
Sat, 17 Sep 2022 06:22:26 GMT
last-modified
Fri, 09 Sep 2022 18:56:55 GMT
server
cloudflare
etag
ea85a2a0c44097c8414d8a86e433e854
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662749814.96198
cache-control
public, max-age=604767
accept-ranges
bytes
cf-ray
7486128838b69193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI8708D_L.jpg
i-invdn-com.investing.com/trkd-images/ Frame 5E78 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/trkd-images/LYNXMPEI8708D_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d65858766c18e590ab92481d0e8a678e411499055547dd170cfff3b0fd4c4a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
tx579fefba687341eeb0c14-00631ad2b7dfw1
age
2236
cf-polished
origSize=75825, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68297
expires
Sat, 17 Sep 2022 06:22:05 GMT
last-modified
Fri, 09 Sep 2022 05:44:05 GMT
server
cloudflare
etag
dafaf8343c919a71e3268c566b3d4b9e
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662702244.62167
cache-control
public, max-age=604746
accept-ranges
bytes
cf-ray
7486128838b89193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI8708D_L.jpg
i-invdn-com.investing.com/news/external-images-thumbnails/ Frame 5E78 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/news/external-images-thumbnails/LYNXMPEI8708D_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a70e594af6a75f74d9b515178e7bf4933a5bd149262e24a5cdde908c9b50d14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
txcbeb45acce274070bf50e-00631ad2b6dfw1
age
2236
cf-polished
origSize=6562, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6054
expires
Sat, 17 Sep 2022 06:22:05 GMT
last-modified
Fri, 09 Sep 2022 05:44:09 GMT
server
cloudflare
etag
bf85c3f4033f4568f3c44f6c1ca0d164
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662702248.09513
cache-control
public, max-age=604746
accept-ranges
bytes
cf-ray
7486128838b99193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI8900E_L.jpg
i-invdn-com.investing.com/trkd-images/ Frame 5E78 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/trkd-images/LYNXMPEI8900E_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c24cf13ae3c04ac2c029014ad4ce5e374e15d7b6380f157ad2c8c45f245ea71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
tx62f7920b0bc1462a83d2d-00631befd9dfw1
age
15667
cf-polished
origSize=55256, status=webp_bigger
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=wA7hkZjH4TH5lI0.Gv4xT3twURIlAzimD7iK9bVyidE-1662790979-0-AUlsa96I-Yc5Hd1m9PJu8LrVv7bB9FiVihhI4BLTFBBjv9MxbMaQWt4-8bMXit54TiWRiG4h0eW2VqD9mVyr2_2Se7iSKMG4VUTDICL1ZjDC; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49287
expires
Sat, 17 Sep 2022 06:21:38 GMT
last-modified
Sat, 10 Sep 2022 02:00:27 GMT
server
cloudflare
etag
c784e8f6d2c830cdd5510d224668c62c
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=wA7hkZjH4TH5lI0.Gv4xT3twURIlAzimD7iK9bVyidE-1662790979-0-AUlsa96I-Yc5Hd1m9PJu8LrVv7bB9FiVihhI4BLTFBBjv9MxbMaQWt4-8bMXit54TiWRiG4h0eW2VqD9mVyr2_2Se7iSKMG4VUTDICL1ZjDC"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/jpeg
x-timestamp
1662775226.98891
cache-control
public, max-age=604719
accept-ranges
bytes
cf-ray
7486128838bc9193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI8900E_L.jpg
i-invdn-com.investing.com/news/external-images-thumbnails/ Frame 5E78 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/news/external-images-thumbnails/LYNXMPEI8900E_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c691681677cd4ee66b526476b2dcfa80198528cf5c3ef670aaa5953976562f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
tx04cf1c43760444469e8b6-00631befdfdfw1
age
15518
cf-polished
origSize=7678, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7138
expires
Sat, 17 Sep 2022 06:19:41 GMT
last-modified
Sat, 10 Sep 2022 02:00:32 GMT
server
cloudflare
etag
c5a3bfe3a9f3c66cc32f5e7c0d6286f9
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662775231.09691
cache-control
public, max-age=604602
accept-ranges
bytes
cf-ray
7486128838bf9193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI880ZB_L.jpg
i-invdn-com.investing.com/trkd-images/ Frame 5E78 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/trkd-images/LYNXMPEI880ZB_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bb3d9d47f3917b2f1170ecaabc6d5bbb4c2e7b5a2b0e65acc05c49fa64cd70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
txd659ed86e6d24f4b8615c-00631bb8c5dfw1
age
29821
cf-polished
origSize=111704, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102625
expires
Sat, 17 Sep 2022 06:22:32 GMT
last-modified
Fri, 09 Sep 2022 22:05:37 GMT
server
cloudflare
etag
69515e93eacd9ee6d3ae39102c27fe51
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662761136.95192
cache-control
public, max-age=604773
accept-ranges
bytes
cf-ray
7486128838c09193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI880ZB_L.jpg
i-invdn-com.investing.com/news/external-images-thumbnails/ Frame 5E78 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/news/external-images-thumbnails/LYNXMPEI880ZB_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130b890c33817d21e0c4a5b791d1d15ac8eb74affbc3baf41fe72a824ccdec62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
txa29a12ffd4a84b22bcab9-00631bb8c2dfw1
age
29768
cf-polished
origSize=9005, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8228
expires
Sat, 17 Sep 2022 06:21:10 GMT
last-modified
Fri, 09 Sep 2022 22:05:42 GMT
server
cloudflare
etag
0ccf2d0d1b812191f5f4f8305b44cabd
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662761141.24273
cache-control
public, max-age=604691
accept-ranges
bytes
cf-ray
7486128838c29193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI8900R_L.jpg
i-invdn-com.investing.com/trkd-images/ Frame 5E78 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/trkd-images/LYNXMPEI8900R_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e8b8e93d3ebbf5d4e1d58bb516932af1e2439f82688b966eaacd05710cd1dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
tx35a002ef77e04b01b0143-00631bfdf3dfw1
age
12061
cf-polished
origSize=56311, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49606
expires
Sat, 17 Sep 2022 06:21:29 GMT
last-modified
Sat, 10 Sep 2022 03:00:30 GMT
server
cloudflare
etag
67d7bad3752a4326c6321f5ecdf9eb8a
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662778829.41608
cache-control
public, max-age=604710
accept-ranges
bytes
cf-ray
7486128838c39193-FRA
cf-bgj
imgq:100,h2pri
LYNXMPEI8900R_L.jpg
i-invdn-com.investing.com/news/external-images-thumbnails/ Frame 5E78 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/news/external-images-thumbnails/LYNXMPEI8900R_L.jpg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240c56dded2b595ac599c98fe517e4aa5d4a92769dee62f44aef66d1e8a6a091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
txe9b5346f11cb4192b3d05-00631bfebfdfw1
age
11908
cf-polished
origSize=6271, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5743
expires
Sat, 17 Sep 2022 06:22:50 GMT
last-modified
Sat, 10 Sep 2022 03:00:34 GMT
server
cloudflare
etag
bfa5df4c6dafafefba74ef8d68f6c167
vary
Accept-Encoding
content-type
image/jpeg
x-timestamp
1662778833.78795
cache-control
public, max-age=604791
accept-ranges
bytes
cf-ray
7486128838c49193-FRA
cf-bgj
imgq:100,h2pri
investing_logo_77x16.jpg
i-invdn-com.investing.com/logos/analysts/ Frame 5E78 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/logos/analysts/investing_logo_77x16.jpg
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f144aff728bf2359810868efe168abca4119f78ff5ee60f465476884c381483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
origin
https://mycloud.rackspace.com
cf-cache-status
HIT
age
44100
cf-polished
origFmt=jpeg, origSize=2530
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=4F84nr3sDwvXoCDr9t07z0YMDVgBnyCXtnjkSt8OIAk-1662790979-0-AcT_v9VQvoV0Ue6FUDNotjtzNGjBcgw-qQCswMj9NEvBknWmGjEGbNuVZhKxZlTQmcsVXI0m26emcb4ce_9zkz9vF_0Ywzbs1R7pxSb4C3l-; report-to cf-csp-endpoint
content-length
1122
content-disposition
inline; filename="investing_logo_77x16.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
tx7ec14a4bd2914af780465-0063012eeedfw1
expires
Sun, 11 Sep 2022 00:22:39 GMT
last-modified
Mon, 14 May 2018 12:16:49 GMT
server
cloudflare
etag
021848563581440412b0176c00569ef2
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=4F84nr3sDwvXoCDr9t07z0YMDVgBnyCXtnjkSt8OIAk-1662790979-0-AcT_v9VQvoV0Ue6FUDNotjtzNGjBcgw-qQCswMj9NEvBknWmGjEGbNuVZhKxZlTQmcsVXI0m26emcb4ce_9zkz9vF_0Ywzbs1R7pxSb4C3l-"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
x-timestamp
1526300208.64178
cache-control
public, max-age=64780
accept-ranges
bytes
cf-ray
7486128848cd9193-FRA
cf-bgj
imgq:100,h2pri
v_263839_cryptoIcon10.png
i-invdn-com.investing.com/crypto_icons/ Frame 5E78 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/crypto_icons/v_263839_cryptoIcon10.png
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/crypto_icons/v_263839_cryptoIcon10.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a73eba835fc16844590ab33f2ef9749b80c4a0d959746698e4bcf37303e577

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i-invdn-com.investing.com/crypto_icons/v_263839_cryptoIcon10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
cf-cache-status
HIT
x-trans-id
txc858af4efc8c40b5866ef-0063173e0adfw1
age
46278
cf-polished
origFmt=png, origSize=7972
content-disposition
inline; filename="v_263839_cryptoIcon10.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6130
expires
Thu, 15 Sep 2022 01:25:37 GMT
last-modified
Tue, 06 Sep 2022 12:32:08 GMT
server
cloudflare
etag
b81dc793acf2a533e9baa8d9b43047a5
vary
Accept
content-type
image/webp
x-timestamp
1662467527.04941
cache-control
public, max-age=414158
accept-ranges
bytes
cf-ray
7486128848ce9193-FRA
cf-bgj
imgq:100,h2pri
optimize.js
www.googleoptimize.com/ Frame 5E78 		129 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-WW3TL3X&l=dataLayerGTMParams
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGT3R3D&l=dataLayerGTMParams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17d01e866bba4805635e975549d038cabf1bf74b97f4d95d57941a791213235c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47295
x-xss-protection
0
expires
Sat, 10 Sep 2022 06:22:59 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 5E78 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGT3R3D&l=dataLayerGTMParams
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26737
x-xss-protection
0
pragma
public
x-fb-debug
0Jg2GuVzNmDAIHA96RQPkwrt+bqcGtPYN+CdZ6jE6A2/e5qIaEo0wvtBYlKmnoYxPJ+2jPkaZzuav0CeoIm4SQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Sep 2022 06:22:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1407007/ Frame 5E78 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1407007/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGT3R3D&l=dataLayerGTMParams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
530c928f619f60b437a3d548e603211d74eda1e9e3ed6e809dd81c72f113e902

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
f31UDaTING_k_Ii64IY78u1S6PDuZPAZ
content-encoding
gzip
etag
"46c025cffad7d3729837e217a9cb1c9e"
age
84
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17935
x-amz-id-2
ZZ42d04cWF3TDQw2M1voOjMHTQAMMfdbZR9/QK41EzffU6Pf3ytTntSstByyn0/0xMbJX0wrIgc=
x-served-by
cache-hhn4042-HHN
last-modified
Sun, 04 Sep 2022 11:22:22 GMT
server
AmazonS3
x-timer
S1662790980.933811,VS0,VE1
date
Sat, 10 Sep 2022 06:22:59 GMT
vary
Accept-Encoding
x-amz-request-id
VXNY7QFD8B36X73T
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
1
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/6.38.0/ Frame 5E78 		369 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/otBannerSdk.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:22:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
jz950M8ZW7RakPP2zlLHZQ==
age
4162
x-ms-lease-status
unlocked
last-modified
Wed, 06 Jul 2022 01:34:24 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b1c6f4dc-c01e-001d-5fec-9035f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
74861288d9215b50-FRA
expires
Sat, 10 Sep 2022 10:22:59 GMT
ajax-loader-big.gif
i-invdn-com.investing.com/ Frame 5E78 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i-invdn-com.investing.com/ajax-loader-big.gif
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67853bff09e2538cc2bfe2b9ae0f11ae82ba1659323a718618e495f504e697bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i-invdn-com.investing.com/css/newMainCssMin_v79f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
cf-cache-status
HIT
x-trans-id
tx7a5d6b8cd55d4d06a0e37-0063198f51dfw1
age
47791
cf-polished
origFmt=gif, origSize=7378
content-disposition
inline; filename="ajax-loader-big.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5756
expires
Fri, 16 Sep 2022 20:01:23 GMT
last-modified
Wed, 25 May 2011 13:59:34 GMT
server
cloudflare
etag
7518558d5681934df3bd69583c66a717
vary
Accept
content-type
image/webp
x-timestamp
1306331973.05873
cache-control
public, max-age=567503
accept-ranges
bytes
cf-ray
74861288f9ae9193-FRA
cf-bgj
imgq:100,h2pri
cachedClickId
tr.outbrain.com/ Frame 5E78 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00d807ecaf50797b1d395f73b69546fffe,000db184beb9a909eee965fa2a171ddf57,00904195be294634c70045ea080f2b7d98,00dd52b52a802e7a5255645bac2189a054
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
gzip
X-TraceId
51ef49364a45736672af1d1e77fcc687
Content-Length
56
Content-Type
application/javascript
d3d3LmludmVzdGluZy5jb20=
tcheck.outbrainimg.com/tcheck/check/ Frame 5E78 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmludmVzdGluZy5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:23:00 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=10722
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
da9021c07cfe17e380b40b7388141df2
Content-Length
16
Expires
Sat, 10 Sep 2022 09:21:42 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 5E78 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Mon, 10 Oct 2022 06:23:00 GMT
likebox.php
www.facebook.com/plugins/ Frame 54D2 		45 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d370befa08e3820a1df956ae59f4be3f4baae67ca7af79eca64f7e82f8a1b280
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.investing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sat, 10 Sep 2022 06:23:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
+t5GEi06N6Z/HAIY2RojU/RXYdHufLA4zjqJKkYtgTF8/df0uFO/1j2/rwvjnQ4O30eLYnBfVyaaCqjrhGuILg==
x-fb-rlafr
0
x-xss-protection
0
identity.js
connect.facebook.net/signals/plugins/ Frame 5E78 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.79
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
f3y2V9EX+/yRnrHch/1jtYIUn69HQtb1pcHO6B0iNc8ys/qO2h+N2t6cgIWFqHDEqk2GYrGVHVGqElEPcg8kpQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Sep 2022 06:23:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
751110881643258
connect.facebook.net/signals/config/ Frame 5E78 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/751110881643258?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e64f421b5306d939ff1c76a6bb61c3b75458c70cf8bffca46a7f2c37b6f495df
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7016
x-xss-protection
0
pragma
public
x-fb-debug
/UJEt+QduHBDl97YTmCfWE7WY3I0JCgvUUpsGY6O3htnUI0jROxIQtMM1vR7FgYM7M2tIhogIIYbGjNcyVfFcQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Sep 2022 06:23:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
en.json
cookie-cdn.cookiepro.com/consent/265d5ac2-7d0c-4675-bf4d-421a61fb482e/5e4d66d0-354c-41c4-a04f-808e27bafac5/ Frame 5E78 		165 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/265d5ac2-7d0c-4675-bf4d-421a61fb482e/5e4d66d0-354c-41c4-a04f-808e27bafac5/en.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ce78d365e44fb97acbf006ae09b91f8e323ea01ee3a2b896daa2c21db8586f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
YqHJY/ga2joVxcy4/yTXAw==
age
11409
x-ms-lease-status
unlocked
last-modified
Sun, 21 Aug 2022 07:02:35 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5345a451-901e-005d-2a32-b532c9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74861289ddac9124-FRA
iab2Data.json
cookie-cdn.cookiepro.com/vendorlist/ Frame 5E78 		352 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/vendorlist/iab2Data.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ed4a74eafc601b0aa2f81389185002dd37349730665110c0ff7fff8e6b88a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
9/OlryJ+TA1UcDUyVPrvZw==
age
2048
x-ms-lease-status
unlocked
last-modified
Sat, 10 Sep 2022 01:00:06 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4b7b6a10-b01e-0065-76c9-c49609000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
74861289ddad9124-FRA
expires
Sat, 10 Sep 2022 10:23:00 GMT
googleData.json
cookie-cdn.cookiepro.com/vendorlist/ Frame 5E78 		59 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/vendorlist/googleData.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c5b00fb1d8632efb31ea7c36949d6bc71c4542af911398045615347c4096243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
3UJqYcd+ibxBEPWZM7BgJw==
age
13065
x-ms-lease-status
unlocked
last-modified
Fri, 09 Sep 2022 13:00:01 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
13692201-d01e-004c-0564-c4a87d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
74861289ddae9124-FRA
expires
Sat, 10 Sep 2022 10:23:00 GMT
otTCF.js
cookie-cdn.cookiepro.com/scripttemplates/6.38.0/ Frame 5E78 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/otTCF.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
xJnoFqOSVS/9gHrxiFjgDQ==
age
14237
x-ms-lease-status
unlocked
last-modified
Wed, 06 Jul 2022 01:34:21 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
97e60585-f01e-0074-5a48-910cbd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
74861289d9fb5b50-FRA
expires
Sat, 10 Sep 2022 10:23:00 GMT
jp.php
www.investing.com/ Frame 5E78 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.investing.com/jp.php?b=2&k=YzA3YWI2ZWhhMm1mbmg3PWM6ZD0wY2BlYWVubTEyYzgwPz84NWEwMjVlPTI0OjA5Yjc3MTZgMmllYGVuNzFlZGN8N35iZWVkYXRtfG59N3djbWRrMCpgJWE1bj8xamM8MGE_ODVgMHw1fz1nNDUwbGJlNz42MjIzZWJlPzc3ZS1jPTdmYjBlPGFp&d=1&i=1662790979&e=&lip=ams-prod-weblegacy-68b79bc4f5-k245n&ti=1662790979&_=1662790980209
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/js/jquery-6.4.9.04.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.investing.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-embedder-policy
unsafe-none
x-cache-status
BYPASS
content-security-policy-report-only
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://rbmeuulvihtwm2eltjhwimi2.httpschecker.net/report
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
cross-origin-opener-policy
cross-origin
vary
User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
content-security-policy
upgrade-insecure-requests; block-all-mixed-content
cf-ray
7486128a5b499193-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
beacon.js
sb.scorecardresearch.com/ Frame 5E78 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-32.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 04:02:35 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
8432
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
NNX03EpAoMXX4AaZzykQHg8W_2NpYjM4iKIRRB7POT7BC4VneeLJ_A==
invisible.js
www.investing.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame D1F8 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investing.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662782400
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7257764ded869cbf592f0884d038dca14bc4f4954cb9ea0632862bae7fceb06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7486128afc2a9193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.facebook.com/tr/ Frame 5E78 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=751110881643258&ev=PageView&dl=https%3A%2F%2Fwww.investing.com%2F&rl=http%3A%2F%2Fredirect.cdn77.cloud%2F&if=true&ts=1662790980335&sw=1600&sh=1200&v=2.9.79&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&it=1662790980106&coo=false&tm=1&rqm=GET
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sat, 10 Sep 2022 06:23:00 GMT
3-0YohTEdRk.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ Frame 54D2 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/3-0YohTEdRk.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b997b88968405d0fde491621a319d4d6fc62c6f6f8ddc7ae84f35a61ed6358b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rqD28LySudnum1t923PaVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5393
x-fb-rlafr
0
x-fb-debug
8gVfsp9eQrr5ChhD66l7U831q8z5W6VpMFgf3z4LNa5wblaDOYTYn/oNWj/jF2urIZd68VO7vGdC9TEOtwEEpw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 09 Sep 2023 16:02:31 GMT
5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame 54D2 		2 KB
1020 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qp62alFG777So/ro/wbkaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
829
x-fb-rlafr
0
x-fb-debug
CWbiFxxiYib+hR8iqE1kIYimJ/sSdiFKJHYcDAwB0035HDBSLTTgwkfaWhUhi48L+ekZD9mhXUYepE/rV02QiQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 08 Sep 2023 19:21:24 GMT
xUCu69_VoIG.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame 54D2 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G4bSvzLG2IH4kVzNTn3U6A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
871
x-fb-rlafr
0
x-fb-debug
notiw9NWhE6PBYokBqvhWiSI7KSYGWtI1FXcXIObDyAUOgaLvkm1OjOFR7r5gn/biyqKEQxog9Dco7pysGT4wA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Sep 2023 19:17:36 GMT
OVsz4HotoAk.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 54D2 		320 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/OVsz4HotoAk.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22ae1badce6b58fbf0884022126b7adba00f50c8e68b6e9dbe9913e939650d87
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JbcIvZzz9En1H9F+uEUKXg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88477
x-fb-rlafr
0
x-fb-debug
h/KKT+iWjaAvgDHtJHwkYDoU0I/wFfp3Ow/CYXpdtf/jEafcgzGLHbS1qjcpMelewzuj9SMDczgAUiPkQYHOrg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 08 Sep 2023 17:05:18 GMT
iiDbYMCPtB3.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 54D2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c01bda88c70f4508fe21057233d32a63b91052cac425a9027a1f930866d4e33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Uz/0UZ4sf3f6xy7wRFf48w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
b9X/fVWTkcqr0ijNsQDebBLV+QAQ/1TMPtsxTZ6hpDLSWS4CM1e2t1ydBx82Xs0XMA+8Eh5ZE5SIZdTmFtFrsA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Sep 2023 21:06:14 GMT
WaP6_wt5x02.js
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 54D2 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/WaP6_wt5x02.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b60301c156ad1a0c965b17b78660a631499a95fa8a13c14be4a1710b6a77b593
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pmUz9YRPCxPUqCkbwwkZ2g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12174
x-fb-rlafr
0
x-fb-debug
sAorJKqnLCJ7VgxnmJVMNsxFxYfNKVyur17clGtEV5cG0ZQI+AyKMpmJoc693iUa6B7Y6yGmgUMm7lBjYe7Nmg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 01 Sep 2023 05:18:50 GMT
Oz0iPPgh22l.js
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 54D2 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/Oz0iPPgh22l.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93cb7596fc6a830eadbab0f5aaa62a44875c3222cce6ab8d8a0784c2c93c50b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6dxwWtzxByfjtGEXnrZviw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15843
x-fb-rlafr
0
x-fb-debug
C8z/AsRV9WzHa5K/OZknsaIPeomHzH8VBkINNltHttOiW2qF0Yoc3VQRwmdYvxnOzw04VUJgZAJJ6YmQ487g/g==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Aug 2023 16:13:27 GMT
InKNvzcBSB1.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yT/l/de_DE/ Frame 54D2 		83 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yT/l/de_DE/InKNvzcBSB1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
368a668392b29597e24b6a4a417bd4bca6b0b507ba5efa80aa6bb8f9ddd3ff0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YTl94aHW7KkrEtW7jv3ONQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23391
x-fb-rlafr
0
x-fb-debug
zQXP5sfGgsiTVndAaJPsN5nqYjWe7+QUm9cDHvszWvstALY+tyLomB7usxxuccHP/k2KAmt1taY90jhEOQf+vQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Sep 2023 23:24:55 GMT
293603523_5114620295315175_8587933140081288822_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 54D2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/293603523_5114620295315175_8587933140081288822_n.jpg?stp=dst-jpg_p130x130&_nc_cat=103&ccb=1-7&_nc_sid=dd9801&_nc_ohc=cF1Fo9-SNDMAX8tTUPC&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT-Kh9YlGSoUVtNjsSY_WFi-c5mRrJxZVC_TtBWp38JOZA&oe=63205B25
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9686fd6b6a13d2c306132406f62fd12c6d47bd9b4b6c57cd4af71bae22e223f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-haystack-needlechecksum
953183519
date
Sat, 10 Sep 2022 06:23:00 GMT
x-fb-trip-id
917726464
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1254522383
cache-control
max-age=1209600, no-transform
last-modified
Mon, 18 Jul 2022 14:29:13 GMT
cross-origin-resource-policy
cross-origin
x-needle-checksum
3511443265
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16263
106982451_2895416580568902_7035415975291280104_n.png
scontent.xx.fbcdn.net/v/t1.6435-1/ Frame 54D2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t1.6435-1/106982451_2895416580568902_7035415975291280104_n.png?stp=cp0_dst-png_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=YSCiSz2hwEwAX9ZIcfh&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT9dmFFfaef2rgAmHmY_hrvymVnThAjrJ40VWxVfgMGZIQ&oe=634019F4
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finvestingdotcom&width=280&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7c32bebe510d3cc571c9bb0d2f415c079eeb153937fc07f1e274781ba07f242

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-haystack-needlechecksum
3635486017
date
Sat, 10 Sep 2022 06:23:00 GMT
x-fb-trip-id
917726464
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=803629856
cache-control
max-age=1209600, no-transform
last-modified
Sun, 05 Jul 2020 13:01:45 GMT
cross-origin-resource-policy
cross-origin
x-needle-checksum
3335961560
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2371
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame 5E78 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=loadAfterGApiReady
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a17fc9f326fc2b2f9f290ef004383d7dc046f777c6efe021fc52194c1d404dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36464
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 07:25:48 GMT
unifiedPixel
tr.outbrain.com/ Frame 5E78 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00d807ecaf50797b1d395f73b69546fffe,000db184beb9a909eee965fa2a171ddf57,00904195be294634c70045ea080f2b7d98,00dd52b52a802e7a5255645bac2189a054&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.investing.com%2F&optOut=false&bust=09821060281665603&referrer=http%3A%2F%2Fredirect.cdn77.cloud%2F
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 06:23:00 GMT
Cache-Control
no-cache
X-TraceId
3d0917bef0a58011c77faca78bf18705
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
otCenterRounded.json
cookie-cdn.cookiepro.com/scripttemplates/6.38.0/assets/ Frame 5E78 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/assets/otCenterRounded.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
dxIG1EjBSvU0szEzzNzBnA==
age
9938
x-ms-lease-status
unlocked
last-modified
Wed, 06 Jul 2022 01:34:12 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9cb34d9f-e01e-0078-0258-9c9bb5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7486128bb8429124-FRA
expires
Sat, 10 Sep 2022 10:23:00 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/6.38.0/assets/ Frame 5E78 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/assets/otCommonStyles.css
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
TLLtdkuMahUQRVIfmZNHNw==
age
2826
x-ms-lease-status
unlocked
last-modified
Wed, 06 Jul 2022 01:34:32 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
c0dd9c42-a01e-000b-4058-9cc326000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7486128bb8439124-FRA
expires
Sat, 10 Sep 2022 10:23:00 GMT
info
streaming.forexpros.com/echo/ Frame 5E78 		74 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.forexpros.com/echo/info
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/js/main-1.17.323.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:246f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5583e7be4db7fdbc7b2683dee4ca138f49ad4a5275172032ecfc94558b9c81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.investing.com
access-control-allow-credentials
true
cf-ray
7486128bfb099963-FRA
b2
sb.scorecardresearch.com/ Frame 5E78 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=16896267&cs_it=b3&cv=3.8.0.210223&ns__t=1662790980458&ns_c=UTF-8&ns_if=1&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=UK&cs_cmp_nc=0&cs_cmp_id=28&cs_cmp_sv=1&cs_cmp_rt=1&c7=https%3A%2F%2Fwww.investing.com%2F&c8=Investing.com%20-%20Stock%20Market%20Quotes%20%26%20Financial%20News&c9=http%3A%2F%2Fredirect.cdn77.cloud%2F
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-32.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
hbHCCLyiLL_h3_g6eZOVdX_aWGLT-6uCGQtXOBnVtkK0gXFCUr2mHQ==
x-cache
Miss from cloudfront
iframe
accounts.google.com/o/oauth2/ Frame EF69 		280 B
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3529f0e23cbaa19832e96f2cdbb70aaec4e964e56a2f3e17f8353f94e8ee6b6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D0bdqs52Sb7cHEDHKGwocA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.investing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-D0bdqs52Sb7cHEDHKGwocA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:23:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
pica.js
www.investing.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame D1F8 		19 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.investing.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032fb9cd4b5fe62bc2c4ea1007bc779e868b136b81bc28e0dc7809cf6606bc16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7486128c6db39193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 54D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
x-content-type-options
nosniff
content-md5
iN31dShDArRt9ZikrDb13w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2616
x-fb-rlafr
0
x-fb-debug
npuUb/9SF65xlUpS7XIDwLS0g5GmXFpzv7hVVHViKnatAmesIdvGwdU3yfCpzHsOgFez9dBbMOSWlPgePMGZpQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 01 Sep 2023 02:59:41 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 54D2 		573 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/3-0YohTEdRk.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/3-0YohTEdRk.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
+UdllBYLhAPi1FSLhErt7l8sRPIC4kGXYqteywDvb+gmSE/klfpNIAnGly/W9wEXtkUso4B3M8PTENJKHQxgVQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 31 Aug 2023 02:33:50 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame EF69 		2 KB
850 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: contratecontrole.tim.com.br
URL: http://contratecontrole.tim.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d5d337d33c62949c8e88278fd431574951daced8e26f0b8eb77a9512368edcbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
1lYRIUv3fB9.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 54D2 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/OVsz4HotoAk.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
faf79cb9e29372a0c931d3c576f286c1ae40f22a5c24c089ab51e06685775660
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5PIhxmQubFGcokYgJ6FXEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7237
x-fb-rlafr
0
x-fb-debug
a6aGur8llFI4UjXlF691beJVH3L0HeRlm1ZYpvEkys3SCt8Cy6cpMKpEPqffLvq+8EHnDlVJTJbfpMXEeVaRxA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 08 Sep 2023 21:06:15 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Qjm2Z2CXqV0.es5.O/d=1/rs=AOaEmlHuXbcGiIpiqwkVQo5kVfNMjdVCwg/ Frame EF69 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Qjm2Z2CXqV0.es5.O/d=1/rs=AOaEmlHuXbcGiIpiqwkVQo5kVfNMjdVCwg/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76bcc25e1a26f4f763e5166ac74cf4f66bfc2541fe45f3f8220c4fe3cf5a453a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 06:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34869
x-xss-protection
0
last-modified
Sat, 03 Sep 2022 01:09:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 06:21:25 GMT
get
odb.outbrain.com/utils/ Frame 5E78 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.investing.com%2F&idx=0&rand=78418&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&adblck=false&abwl=false&px=305&py=3161&vpd=3011&cw=652&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000877&sig=7fdJn1Kt&apv=false&false&osLang=en-US&winW=1580&winH=150&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPfFkMAPfFkMAAcABBENCgCgAAAAAH_AAChQAAAR_AJMNW4gC7MscGbaMIoEQIwrCQ6gUAFFAMLRAYQOrgp2VwE-sIGACAUATgRAhxBRgwCAAASAJCIgJAjwQCIAiAQAAgAVCIQAMbAILACwMAgAFANCxRigCECQgyICIpTAgKkSCg3sqEEoO9DTCEOs8AKDR_xUICNZAxWBEJCwchwRICXiyQPMUb5ACMEKAUSoVAAA.YAAAD_gAAAAA&cmpStat=1&ccpaStat=0&iframe=true&ref=http%3A%2F%2Fredirect.cdn77.cloud%2F&ogn=https%3A%2F%2Fwww.investing.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
692cc0e5d851f67bd43aa4cedafd9046cdcc02b1e417ec79af8d5a6bfe10597f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1662790981.701618,VS0,VE205
accept-ranges
bytes
x-served-by
cache-lga13624-LGA, cache-fra19134-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
7c9b21687e187ac52a6c812f597c78c1
content-encoding
gzip
content-length
16292
expires
Thu, 01 Jan 1970 00:00:00 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame EF69 		49 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.investing.com&client_id=606447380154-9825jtap5as2sm0f868m536j6v8ptgo7.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Qjm2Z2CXqV0.es5.O/d=1/rs=AOaEmlHuXbcGiIpiqwkVQo5kVfNMjdVCwg/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-BHyEoK_INRAIZR1dT_-8BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-BHyEoK_INRAIZR1dT_-8BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires
Sat, 10 Sep 2022 06:23:00 GMT
7486128579e5918c
www.investing.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame D1F8 		2 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.investing.com/cdn-cgi/challenge-platform/h/g/cv/result/7486128579e5918c
Requested by
Host: www.investing.com
URL: https://www.investing.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662782400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
br
server
cloudflare
cf-ray
7486128e98879193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ Frame 5E78 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1656855974.293667"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Mon, 10 Oct 2022 06:23:00 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 5E78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.investing.com
URL: https://www.investing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 10 Oct 2022 06:23:00 GMT
l
mcdp-nydc1.outbrain.com/ Frame 5E78 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=69843d7b95bd1da103c952614771eda0_6406_1662790980854&tm=860&eT=0&widgetWidth=652&widgetHeight=573&widgetX=305&widgetY=3169&wRV=2000877&pVis=1&lsd=-1&eIdx=&cnsntV2=CPfFkMAPfFkMAAcABBENCgCgAAAAAH_AAChQAAAR_AJMNW4gC7MscGbaMIoEQIwrCQ6gUAFFAMLRAYQOrgp2VwE-sIGACAUATgRAhxBRgwCAAASAJCIgJAjwQCIAiAQAAgAVCIQAMbAILACwMAgAFANCxRigCECQgyICIpTAgKkSCg3sqEEoO9DTCEOs8AKDR_xUICNZAxWBEJCwchwRICXiyQPMUb5ACMEKAUSoVAAA.YAAAD_gAAAAA&cheq=0&rtt=254&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sat, 10 Sep 2022 06:23:01 GMT
content-encoding
gzip
X-TraceId
683bed95399229d15fd1449fe68ba351
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
style
accounts.google.com/gsi/ Frame 5E78 		533 B
328 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bsIiCdKIri1qn1sL_j759w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bsIiCdKIri1qn1sL_j759w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 10 Sep 2022 06:23:00 GMT
status
accounts.google.com/gsi/ Frame 5E78 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=606447380154-9825jtap5as2sm0f868m536j6v8ptgo7.apps.googleusercontent.com&as=ozrJpdmbDx%2BOEE833u7Fpg
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1698d4712f381bf548c0cfbcd54d34edfdd79bb67a64e7fee74f77d63b44d2a6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-I4w3QPKqOjcq7XQY360z0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.investing.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-I4w3QPKqOjcq7XQY360z0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum
www.investing.com/cdn-cgi/ Frame 5E78 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.investing.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.investing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type
application/json

Response headers

date
Sat, 10 Sep 2022 06:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.investing.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
7486128ee8df9193-FRA
vary
Origin
collect
k.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
http://contratecontrole.tim.com.br
date
Sat, 10 Sep 2022 06:23:01 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
8ac61a4e91f8bfe835d2ddad727ce62c_1day.json
sbcharts.investing.com/charts_xml/ Frame 5E78 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sbcharts.investing.com/charts_xml/8ac61a4e91f8bfe835d2ddad727ce62c_1day.json
Requested by
Host: i-invdn-com.investing.com
URL: https://i-invdn-com.investing.com/js/jquery-6.4.9.04.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c9899cc9ca71e0064f9bd35f5b67db892aef52517c1ed1389953c178b11138
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.investing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 06:23:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-embedder-policy
unsafe-none
x-cache-status
STALE
content-security-policy-report-only
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://rbmeuulvihtwm2eltjhwimi2.httpschecker.net/report
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 09 Sep 2022 21:59:03 GMT
server
cloudflare
cross-origin-opener-policy
cross-origin
etag
W/"1ae5-5e845a76f4955-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
*
content-security-policy
upgrade-insecure-requests; block-all-mixed-content
cf-ray
74861290cfb368eb-FRA
/
eum-orange-saas.instana.io/ 		0
13 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-orange-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.4.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.4.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://contratecontrole.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 10 Sep 2022 06:23:01 GMT
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZH21843T10&gtm=2oe970&_p=1745492969&cid=1554895828.1662790977&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1662790977&sct=1&seg=0&dl=http%3A%2F%2Fcontratecontrole.tim.com.br%2F&dt=TIM%20CONTROLE&en=scroll&epn.percent_scrolled=90&_et=30
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH21843T10&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://contratecontrole.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 06:23:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://contratecontrole.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us-sonar.sociomantic.com
URL
http://us-sonar.sociomantic.com/js/2010-07-01/adpan/tim-br
Domain
www.americanas.com.br
URL
https://www.americanas.com.br/?utm_medium=afiliados&utm_source=aflb2w&utm_campaign=marca:acom;midia:afiliados;formato:00;subformato:00;idcampanha:acom;franq:1076683&utm_content=22193_1662790979_24aa0bee580ccbeb586bd3d0afb53d6b&epar=AF_00_00_AB_ACOM&opn=AFLACOM&franq=1076683

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| InstanaEumObject function| ineum object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| twq object| carnage object| angularApp function| $ function| jQuery object| angular function| require object| angularSpinner object| @uirouter/core object| @uirouter/angularjs object| angulartics function| Spinner object| ngMaterial object| wza.directives object| input object| wza.services object| credit-card object| error-message function| Fingerprint2 object| congrats-message object| select object| email-autocomplete object| timlive-crosssell function| Color function| Chart object| WebFontConfig function| fbq function| _fbq object| product object| uetq object| universal_variable object| uolads string| TiktokAnalyticsObject object| ttq string| cookieName undefined| cookieValue number| expirationTime string| date number| dateTimeNow object| google_optimize string| KwaiAnalyticsObject object| kwaiq object| install object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| WebFont object| AWIN function| AwinCustomEvent function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| fanplayr object| fanplayr_api function| fanplayr_ready object| TTTagManager function| TTTagManagerError object| _ttq_tim_controle function| UET function| UET_init function| UET_push object| ueto_a52e235d3d object| regeneratorRuntime object| twttr object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge number| instId string| campaignId string| pageType string| blueProductId string| transactionTotal string| transactionId string| p1 string| p2 string| p3 number| pixelMode string| fingerprint function| setLocalStorage function| getLocalStorage function| setSessionStorage function| getSessionStorage function| setCookieBlue function| getCookieBlue function| generateUid object| blue function| documentReady function| executeFlow function| loadFunction function| executeRequests function| blue_obj function| createDivElement function| createIframeElement function| createScriptElement function| createImgElement function| isSessionStorageEnabled function| isLocalStorageEnabled function| isCookieEnabled object| blue_q string| blue_v string| bluecpy_id number| idxCampaignId number| idxPageType function| Weblog object| events function| fanplayrCustomAfn undefined| jQuery1111041132272948222526_1662790977838 function| clarity object| UOLPD function| triggerUOLTM function| docReady number| $smcInstall function| b133 object| $smctResources object| $smctData string| shopf string| refer string| refer2 string| re object| veoxa_if function| e boolean| cmCalled function| callCmInternal object| $jscomp object| $smcT5 function| setImmediate function| clearImmediate object| advcake_int number| advcake_attempt undefined| advcake_order_id undefined| advcake_order_price function| advcake_order object| advcake_data string| n string| nq object| cmds object| _tim_controle object| ttcNamespace string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder

75 Cookies

Domain/Path Name / Value
.tim.com.br/ Name: _gcl_au
Value: 1.1.19703031.1662790977
.adnxs.com/ Name: uuid2
Value: 8842013843892974786
contratecontrole.tim.com.br/ Name: utm_source
Value: undefined
contratecontrole.tim.com.br/ Name: clickid
Value: undefined
.tim.com.br/ Name: _ga_ZH21843T10
Value: GS1.1.1662790977.1.0.1662790977.60.0.0
.tim.com.br/ Name: _ga
Value: GA1.3.1554895828.1662790977
.tim.com.br/ Name: _gid
Value: GA1.3.2087762515.1662790977
.tim.com.br/ Name: _dc_gtm_UA-19358192-1
Value: 1
.bing.com/ Name: MUID
Value: 022073F548046D471EED61EE498F6C6A
.tim.com.br/ Name: _uetsid
Value: 02f790c030d111ed8e306b4415b8433f
.tim.com.br/ Name: _uetvid
Value: 02f7bc6030d111ed89cb6d23228d130b
.t.co/ Name: muc_ads
Value: 11d6767d-36f4-46b6-877f-1a0854ef029e
contratecontrole.tim.com.br/ Name: blueID
Value: 9758bd73-912c-48ff-a5d9-2f86c486f7f6
secure.afilio.com.br/ Name: AWSALBCORS
Value: 7n1OAO+7ove5COTECTILkZTyW3bXpLD3eaoijC6RSOH746mrURIKLig9DQ6fyUueKnP9KROUX9GRd8qRn5pzyxaQbipIj0BaygsQbiQ4WTVA08fLK910cDXx4TD4
.afilio.com.br/ Name: afilio-uuid
Value: 867c3fff-44d1-57bc-912c-a2446cdb8e16
.tiktok.com/ Name: _ttp
Value: 2EZ6tvGReomCBPIzeHwRsMGUrRl
.tim.com.br/ Name: _tt_enable_cookie
Value: 1
.tim.com.br/ Name: _ttp
Value: 58b9566c-3868-4fdd-beb5-dda0a9decc66
www.clarity.ms/ Name: CLID
Value: 7a89507c37984b98b510cae6636ff1d3.20220910.20230910
.twitter.com/ Name: personalization_id
Value: "v1_dxQsx0NBcN8paFkasYoQuQ=="
.tim.com.br/ Name: _clck
Value: byfsw7|1|f4r|0
.doubleclick.net/ Name: IDE
Value: AHWqTUnRAnzzcNsx0D_CL_z_bXeojRA84txXisYTXP-zdW_Z97lh-uDhFyEZrYbybTM
.tim.com.br/ Name: _fbp
Value: fb.2.1662790978232.388574467
.tim.com.br/ Name: smc_uid
Value: 1662790978445226
.tim.com.br/ Name: smc_tag
Value: eyJpZCI6NDI5OSwibmFtZSI6ImNvbnRyYXRlY29udHJvbGUudGltLmNvbS5iciJ9
.tim.com.br/ Name: smc_session_id
Value: HeUnAXpoxznYmUkh1Hsh4jiaREXynr5G
.tim.com.br/ Name: _clsk
Value: 1nvccwh|1662790978566|1|1|k.clarity.ms/collect
.contratecontrole.tim.com.br/ Name: user_unic_ac_id
Value: a6a4fc60-5420-9589-db29-65936ca3b001
.contratecontrole.tim.com.br/ Name: advcake_trackid
Value: b1062d62-0974-b9f5-b40b-ff79ceaf6baf
contratecontrole.tim.com.br/ Name: tt_c_vmt
Value: 1662790979
contratecontrole.tim.com.br/ Name: tt_c_c
Value: direct
contratecontrole.tim.com.br/ Name: tt_c_s
Value: direct
contratecontrole.tim.com.br/ Name: tt_c_m
Value: direct
contratecontrole.tim.com.br/ Name: _ttuu.s
Value: 1662790979023
.tim.com.br/ Name: smc_tpv
Value: 1
.tim.com.br/ Name: smc_spv
Value: 1
.tim.com.br/ Name: smc_sesn
Value: 1
.tim.com.br/ Name: smc_not
Value: denied
.c.bing.com/ Name: SRM_B
Value: 022073F548046D471EED61EE498F6C6A
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 022073F548046D471EED61EE498F6C6A
.c.clarity.ms/ Name: ANONCHK
Value: 0
.t.tailtarget.com/ Name: u
Value: fwAAAWMcLUOikwahDE/RAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
contratecontrole.tim.com.br/ Name: tt.u
Value: 0100007F432D1C63A10693A202D14F0C
.awin1.com/ Name: aw22193
Value: 1076683|0|0|1662790979||aw|0
.awin1.com/ Name: bId
Value: HLEX_631c2d43e461d5.47777394
.zenaps.com/ Name: aw22193
Value: 1076683|0|0|1662790979||aw|0
.zenaps.com/ Name: bId
Value: HLEX_631c2d43e461d5.47777394
.betano.de/ Name: btag
Value: a_8454b_817c_
.betano.de/ Name: __cf_bm
Value: LaXei3k0oUKbEoM4SQT1vIqz.cKmFNvJuIfWqUUPpsM-1662790979-0-AZzgNVsqUdqaZK3pyzsEa3VvL/I0rfbecXAgttq8yUS5ny8tnP7cf5Q1i139Ou0WujWrVEeN6XE3yefRsgFM9uQ=
.t.tailtarget.com/ Name: ttbprf
Value: _erlangen_bavaria_de_1662790979343_1365181738
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
contratecontrole.tim.com.br/ Name: tt.nprf
Value:
.betano.com/ Name: __cf_bm
Value: FjJa7zQMeaVXexfXWjDmKNzW8uXNy3yvPZPms8iqing-1662790979-0-ASlg3wkZ8qlFbbipc47/7edbST95oMvfYT70tk/qwGo9kU8pboB/5KqWJf2OmUSUjPfwADOHKi6JSHEbizsAgEo=
cl.betano.com/ Name: __cflb
Value: 02DiuGceHiQJNHkJzaKsG1yHjzztzbjAdEzxCezNrQT4c
.betano.pt/ Name: __cf_bm
Value: Cg7Egn8yS9Wbf4V9BZSrA5CzxF74DwmSJF1ipX.gjSg-1662790979-0-AZtcGaHKbxF8JqY3eQn+EgBfxTBixBY5Jqir6uWyYqFGFh8yB1rWCozGPJsUWntDlyz5YHR922xjOYE86fz3ccg=
.entainpartners.com/ Name: __cf_bm
Value: 5NyovGL7LbCW2MIjMGX_WM850GwzsiMca3D1DxGdPYY-1662790979-0-AQRqRS4fsk0px9wZYu0Eeble9N329fxFj0k1qpFfoJElVsOow2P2s5MTIKIuCUXXlQ/mjzh2OJWNmsZAfpom4DQ=
.tt-9892-2.seg.t.tailtarget.com/ Name: ttca
Value: _1662790979
www.investing.com/ Name: __cflb
Value: 02DiuGRugds2TUWHMkimMbdK71gXQtrnhe8vBnnYbqm1N
.sportingbet.com/ Name: __cf_bm
Value: 3aE8xeUdHWPJo5bMpAVMq072uFqMmtJ4se8X5HWTf6o-1662790979-0-AdozLaL3DyeQFEIm8S5zJQjFF91gbZTH+EPg3+ikzBf9pgjwrgKu31t4x0vG6azc8kDZoj3pHNj+P57SjFpqiAIyhTz5ObkTR9NRyKHybbAQ
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2Hb:u$2DbNNNjKi3>jxR(`=^Z3)<7'<B#j'C.U>Jo4BgBbnfPBvP1Q2^'kpC(X6=BXBBWBg#Mo'h0y<O5%vDN3FR@PsXH%!*T)Ls/RJl
.t.tailtarget.com/ Name: n
Value: 1662790979
.sportingbet.de/ Name: ASP.NET_SessionId
Value: enc5z03l3hdktiu5wvkr1ge1
.sportingbet.de/ Name: trc.cid
Value: 1c0815cbfa3a40ecaddc4996a9059117
.sportingbet.de/ Name: usersettings
Value: lc=false&cid=de-DE&vc=1&sst=2022-09-10T06:23:00.0977976Z&psst=0001-01-01T00:00:00.0000000Z&lsid=enc5z03l3hdktiu5wvkr1ge1
.sportingbet.de/ Name: lang
Value: de
.sportingbet.de/ Name: skipUserLanguage
Value: 1
.sportingbet.de/ Name: trackerId
Value: 5201073
.sportingbet.de/ Name: trackingAffiliate
Value: 5201073
.sportingbet.de/ Name: __cf_bm
Value: F_Tiy7vlZltsT6XhqlfuzrgMJA5Ebekch0lRGdjXybI-1662790980-0-Ac1afk/K4sESls66760uc9xUalB5n0TSIBQdz2WeGPUwfJZhkhL8B23otlYHiYgSLvqLFdnHnqRJDP87MGt+ye8=
.google.com/ Name: NID
Value: 511=mZjZY9_J5ffXU15IOA1xgLUQNcTr7DMUHNKjVdJGtoTZSxU58oHDOug64A5URa-2HUdPQteex-0JP_GodDTcNROadM1-x2Jfo4XVVvSvTSh1FBJlAivO5BktieMRDcpkJSlydbBswoxykCg7rWspjClY_zb_2B3_pvw2GMCjUI8
.investing.com/ Name: __cf_bm
Value: oL7piy7OQamyxc7YGaLBqz9V0f6MLA_.DwVkcO9FT38-1662790980-0-AZhGOJ1Y/hjE88PexmmcbnY85UKywJuQKjLbqgJISLjQWRZVzpUMuGuQywmZ2fZkwohihd4HeeaDVrafSFbyP8j9fndTBvQcyTq1DCUlgCCGW3YHgF4c8iDTfTE7VL8NVGjWys7e7plYlCeBVGW9ZT8ltXRepfchxrRQEA6nAUsv
.tim.com.br/ Name: smct_session
Value: %7B%22s%22%3A1662790979456%2C%22l%22%3A1662790984456%2C%22lt%22%3A1662790980463%2C%22t%22%3A2%2C%22p%22%3A6%7D

6 Console Messages

Source Level URL
Text
network error URL: http://us-sonar.sociomantic.com/js/2010-07-01/adpan/tim-br
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.tim.com.br/Portal_Conteudo/_staticfiles/internet/gbwooza.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://casadeapostas.com/pt-br/?pmc=EONF
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.americanas.com.br/?utm_medium=afiliados&utm_source=aflb2w&utm_campaign=marca:acom;midia:afiliados;formato:00;subformato:00;idcampanha:acom;franq:1076683&utm_content=22193_1662790979_24aa0bee580ccbeb586bd3d0afb53d6b&epar=AF_00_00_AB_ACOM&opn=AFLACOM&franq=1076683
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
admaxium.com
advcake.dataroyal.com.br
ajax.googleapis.com
amplify.outbrain.com
analytics.fatmedia.io
analytics.tiktok.com
analytics.twitter.com
api.mythad.com
apis.google.com
b.t.tailtarget.com
bat.bing.com
br.betano.com
c.bing.com
c.clarity.ms
casadeapostas.com
cdn.cookielaw.org
cdn.dsspn.com
cdn.fanplayr.com
cdn.taboola.com
chc.wooza.com.br
cl.betano.com
cm.g.doubleclick.net
cms.getblue.io
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
contratecontrole.tim.com.br
cookie-cdn.cookiepro.com
d.tailtarget.com
d1-invdn-com.investing.com
d2d7do8qaecbru.cloudfront.net
e1.fanplayr.com
eum-orange-saas.instana.io
eum.instana.io
event.getblue.io
firehose.eu-west-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gml-grp.com
gtw.celulardireto.com.br
hitbr.acstat.com
i-invdn-com.investing.com
ib.adnxs.com
js.smct.io
k.clarity.ms
mcdp-nydc1.outbrain.com
mediamathrdrt.com
mediaserver.entainpartners.com
my.fanplayr.com
odb.outbrain.com
prdredir.com
redirect.cdn77.cloud
region1.analytics.google.com
rt.ad-score.com
s1.kwai.net
sb.scorecardresearch.com
sbcharts.investing.com
scontent.xx.fbcdn.net
secure.adnxs.com
secure.afilio.com.br
securepubads.g.doubleclick.net
smct.co
sports.sportingbet.com
sports.sportingbet.de
static.ads-twitter.com
static.cloudflareinsights.com
static.doubleclick.net
static.hotjar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
streaming.forexpros.com
t.co
t.tailtarget.com
tags.t.tailtarget.com
tcheck.outbrainimg.com
tm.jsuol.com.br
tm.uol.com.br
tr.outbrain.com
trkmad.com
tt-9892-2.seg.t.tailtarget.com
us-sonar.sociomantic.com
vu.adschoom.com
widget-pixels.outbrain.com
widget.getblue.io
widgets.outbrain.com
www.americanas.com.br
www.betano.de
www.betano.pt
www.clarity.ms
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.investing.com
www.tim.com.br
us-sonar.sociomantic.com
www.americanas.com.br
104.16.100.49
104.18.33.254
104.244.42.195
104.244.42.197
108.138.17.117
13.32.99.79
151.101.14.132
151.101.193.44
172.217.18.98
177.54.158.78
18.230.28.231
18.66.15.82
185.104.208.41
185.89.210.212
185.89.210.82
199.232.16.157
20.234.93.27
20.96.88.162
2001:4860:4802:32::36
2001:4860:4802:34::15
23.23.45.103
23.35.229.181
23.35.237.86
23.36.163.228
2600:9000:206e:f200:6:9eb2:5cc0:93a1
2600:9000:206e:fa00:9:433f:4c80:93a1
2600:9000:206f:3200:6:5b96:3f00:93a1
2600:9000:2304:8800:f:8ce2:fb80:93a1
2606:4700:10::ac43:47d
2606:4700:3031::6815:2a29
2606:4700:3032::6815:e89
2606:4700:3036::6815:1f54
2606:4700:3037::6815:2795
2606:4700:4400::6812:2337
2606:4700:4400::6812:246f
2606:4700:4400::6812:2962
2606:4700:4400::6812:2a52
2606:4700:4400::ac40:91ae
2606:4700:4400::ac40:9329
2606:4700:4400::ac40:950d
2606:4700:440e::6812:2fe6
2606:4700::6810:9440
2606:4700::6810:cc16
2606:4700::6811:2d1e
2606:4700::6811:5559
2606:4700::6811:7050
2620:1ec:27::cafe:1644
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:806::2006
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200d
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c07::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a05:d018:94a:8a00:e936:6459:f314:3358
2a06:98c1:3121::c
34.102.185.99
34.120.4.21
34.192.69.220
34.235.56.48
35.168.107.86
35.201.123.184
35.208.216.174
35.227.215.158
43.152.137.21
44.194.145.99
45.60.65.22
52.30.226.81
52.67.55.211
54.94.91.194
70.42.32.31
84.17.42.228
95.131.137.7
99.80.34.227
99.86.4.32
02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4
032fb9cd4b5fe62bc2c4ea1007bc779e868b136b81bc28e0dc7809cf6606bc16
0403652d2b50c5b8a56e34d591453c95b36768604f59ac58e74e53fd00ed504a
07ca2e7e846658f50dc21cee2e3ff9cc9bf5136091ec8004615ae66768097e16
08c9899cc9ca71e0064f9bd35f5b67db892aef52517c1ed1389953c178b11138
09357063cdfb623ca77185d566525a296b3b2fa4fba11acec7a3517ab05a302f
0a17fc9f326fc2b2f9f290ef004383d7dc046f777c6efe021fc52194c1d404dd
0bdcd2bd4a99d5b584b8e42c29ce1c7d6b67d8375d28dd8c424196c78942bfae
0c24cf13ae3c04ac2c029014ad4ce5e374e15d7b6380f157ad2c8c45f245ea71
0c691681677cd4ee66b526476b2dcfa80198528cf5c3ef670aaa5953976562f4
0ce8e782639e6b882d0fb171a03f581ea115c982f7a0319388fd9a4004332933
0d578529f34534236f8ac51482d097bbb41d936d917e6ebf1138aa535f62abc9
0e5583e7be4db7fdbc7b2683dee4ca138f49ad4a5275172032ecfc94558b9c81
0ecfeee2e7930a954eb70674bb2601824bef42e85d8e2f1ce6425c4ce28acbaa
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
10b8714eb5a412ab0bece0bef0fcd9553a38cd0bead58a752e346d6779051373
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b282e0322b1d4cba75cb8c8c86ca0582b02f10fece097fcdf87cb229d985a9
130b890c33817d21e0c4a5b791d1d15ac8eb74affbc3baf41fe72a824ccdec62
1504c2271c397b6953cea3b475e942d0e2e26b92db798028c8397193aa5c6d0a
1698d4712f381bf548c0cfbcd54d34edfdd79bb67a64e7fee74f77d63b44d2a6
172c60381e0c4c0377a598054bc125fdba3cfd2605c43239ea0cfa3817c18e59
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
17d01e866bba4805635e975549d038cabf1bf74b97f4d95d57941a791213235c
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e53b9a5f1e0445a5a313df0680dd0236e9b138b022dcf48f59c5b67b75362fc
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2195c17ea2fa6e190856efb1af0f4b16feea864bff4029a0bd9b35415106ac79
22ae1badce6b58fbf0884022126b7adba00f50c8e68b6e9dbe9913e939650d87
22b8d4e12ba9e8a7b071c1658b55149291ddbb1d0f151a4bbffa6d26ae7295a6
22e605e40b9b162c771c7d0558b2b6abfae66c042236e0ba975e7793a0014e95
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
23b61cb6d6b15a445c639de815c94bdb15de52b795761506ade126c48246e379
240c56dded2b595ac599c98fe517e4aa5d4a92769dee62f44aef66d1e8a6a091
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28b21811d22d3c6ac4b9035fb96b957f1a3af9be45e1d2ccd1e60809ba3d5445
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2df534fd41c942148ee5c50e1cb25e6922715e4d4ebd2f81e4e4c2155033d8b7
2f9605b0fbf08648927581f768fca769d766b83573efaa31bd3866f543b79d27
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3037daf525678747b44b7f083f3e7f5d3d7b10abdd58f64db298fccb47ad87d6
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3529f0e23cbaa19832e96f2cdbb70aaec4e964e56a2f3e17f8353f94e8ee6b6f
368a668392b29597e24b6a4a417bd4bca6b0b507ba5efa80aa6bb8f9ddd3ff0e
3973e022e93220f9212c18d0d0c543ae7c309e46640da93a4a0314de999f5112
39a7bbeda6f94283e11ff8aac0522ca4be2a5679420bebaee6cd9c91dca73b0c
3a4c24cae2d913cd353de5a6bc1dc446a9209bebef643bd3f5d61960ea180d76
3d00f1419e9d1d49f6f376ac16c3bd9f42a1f5bdf25d0843e33f2b3e41b8c659
3fea69588c88b1a3f9a1b2055f4f9844d0a358067e63d53abca17de37d31d12d
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
41f40556d764448a5c8220598ddf5c7df825bced46014dbca751e80e3b3d429e
423526dc3a247adb6be497bfd3c2e908a7048292cb67b6902daf46754c1498f9
42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d
4351f3bcd7fdf81542f805a7e63d3bbc470363e828d1a65d9e419a2dd4f498cd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45336bf2c27960347588ebaedc466e533d74cb661ed98b7d8b45c27a54e0e596
46ed4a74eafc601b0aa2f81389185002dd37349730665110c0ff7fff8e6b88a2
4831ffdf3b5f92630c3f3f50996e83fec95f570023c396f5c8c3f5eed05ae4c8
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
49835fbd429072ee65cb5341d2cf4c3cbecde9f157f1c4d1373b18f4cbda82e7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c01bda88c70f4508fe21057233d32a63b91052cac425a9027a1f930866d4e33
4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444
4f9f5820c1452bc6f48d3a80f732a26888879ea241194f34cd520c13eb6f8e02
50a70c7b1e4e92bf57916121648db1c0598f4161cb412041275bcf32b7e3ea06
51fbc0cb95797f8301ab60bd94682e4bbbf5dfcff0e3e247a017132132c05e68
530c928f619f60b437a3d548e603211d74eda1e9e3ed6e809dd81c72f113e902
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55b544076663925a40ce57cd2724b87de6b163e773d5811e6722740bb42d1488
560245442f0ab5b6379aeacaf323be0e27acf000d42e8c58c490f6e82435141c
56e11c9ba665c426a4b9f5dd0d77146fcd1f8406f4c89af35345b24e8e9c89ce
57f3bdf4340cc327ebe08b697fc70fd5488389758edaa1d93f8279f850c0e792
58269952ef931bd373f973ae9b9e8d3fedfa353e093074ecf7f1e88607d90f8b
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5b92a408bbe994550b7055a07066d79ec13a646062d36f046dbd84a9d59e86e1
5ec80af68c385e0dd483c196cba05b5ac533feaaa38f62c7d47a53d4dd424f21
5efc12eec84925b1864f406403d15b7de10c0a9dad7f666d03c955cfdca9aa8f
6179f3545cbb6f156075116ade4897933faa893ace06a7a642e18b95e5651871
630e1eb6399754667098f1d78dea1fc0c5db88d5d6b65b7ce3282b4fd6c38341
63bc363c465a7f0ecfaef1802fc10a7e451dce463111895867af13c590a69107
6614cd4a7cce75baf989f860967ea82d2cfe20fc2049890fee49c656d40130b7
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
67853bff09e2538cc2bfe2b9ae0f11ae82ba1659323a718618e495f504e697bd
692cc0e5d851f67bd43aa4cedafd9046cdcc02b1e417ec79af8d5a6bfe10597f
69c77a10044ea62847fa9cf324841ac8ddc918218646b16090a43b51049262a3
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
7257764ded869cbf592f0884d038dca14bc4f4954cb9ea0632862bae7fceb06b
737ef43557c201d06d96b1bc246a31d741b4cc85aceec9fe0b10c3730b20b1a0
76bcc25e1a26f4f763e5166ac74cf4f66bfc2541fe45f3f8220c4fe3cf5a453a
7c5b00fb1d8632efb31ea7c36949d6bc71c4542af911398045615347c4096243
7f144aff728bf2359810868efe168abca4119f78ff5ee60f465476884c381483
7f65698a306db8c25043b42bcadddcd2a979725ee904dfa72a91cda8033fbdfe
7ff53e9b4190d3f4c96c4cd5624d3d4498e37270d8641ec52cd64ccf04479af3
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
829cf23a96e53a31f9e7aaf24e74814a75727a4c1dd7194a97b0dc057fc746e7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
846fb6b9943aab69d695459a239b058454fd907d7883086b78d22208240aca06
848850f3045556cd545bb7dab99c180b0adc65757ac600e4b042ea45cb463dc7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a5eb0a23bb6e5a6b664cdcfcab1964cce731413a2ee52d4782e4c6b2f8b79f3
8da86c40fe30d510103ee4031dd8dca52bc7311f317b4a6de4a832af1f1997b8
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93cb7596fc6a830eadbab0f5aaa62a44875c3222cce6ab8d8a0784c2c93c50b5
95f1f9d0c11a28021c39741a32189b2ba2478107ef83bb3a5ce900467c171880
960872c0480d034c2cb29dfcff6aed996857812f5bff51433882be5ed8329ec0
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97809d49d550c21e726b09be8f094442d8730de6b3605f51657322f8d3d07e66
98be3e0d4faa61fe9f55f8ff76568ce307b2a0874cc446153ce099b279308e66
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ce78d365e44fb97acbf006ae09b91f8e323ea01ee3a2b896daa2c21db8586f2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a389cdb91b7b65a113ed24192360d6ea286ea74719d2839eef4530105ece7e7f
a6a73eba835fc16844590ab33f2ef9749b80c4a0d959746698e4bcf37303e577
a70e594af6a75f74d9b515178e7bf4933a5bd149262e24a5cdde908c9b50d14d
a71adadf670850c5a3082e27e8c3e749f0413693ebdb14c49325a5350cd29af2
a7bb3d9d47f3917b2f1170ecaabc6d5bbb4c2e7b5a2b0e65acc05c49fa64cd70
a7c32bebe510d3cc571c9bb0d2f415c079eeb153937fc07f1e274781ba07f242
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aef59d838b02fc9e6900ac119db25a74d2e193b99672091970bd401a3cbbdbd0
af4dc5ed73dcb8b4b8a5845fea775a603653ba742764913ec0d7e2f5cfa09ebe
b0c19a556d38fcce282f42e0c15f62bbd34cbeea30fcc4ca2ec2d3f8d645dc31
b38352fdc315c48279c10af6d1129a7f517f13db554c3813de846dc3ef693c8d
b60301c156ad1a0c965b17b78660a631499a95fa8a13c14be4a1710b6a77b593
b8ea1e0c263c782515344bc3d6777b260c0e2b2c9404c154483cd3937dc2f13a
b997b88968405d0fde491621a319d4d6fc62c6f6f8ddc7ae84f35a61ed6358b2
ba71b7e5de25323aad0c61c8f6c811667394aaaf6b5680a1b709c6c878633aa2
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bc8b2b510fd62c319d3c95ffc8e037e23c2865ffba7919331d34c5260dfd1a78
be8d0e3b29298782197f0d2cb673651cc4be1b0bbcd0f062520ac69a77360b00
bf59e3b34d7f5749ef3c1786bb395d738491563a49fb7c754db78c4e2d314828
bf6748ddde5b2db6150d4031d007d6bde779f62bf30fdafa33794b7fa0fa0b02
c01db95cd773c50d06c815ca81e6dd37ba0af6412a9faa72bef37df1aabad583
c19f1d331f49d3a67ea7914372f61c61dc7558c629f911328122647efd91aac7
c9686fd6b6a13d2c306132406f62fd12c6d47bd9b4b6c57cd4af71bae22e223f
c9dce1b6fd93d1a0222b6734dd2fc2b468c8a1775ab3620fd99019da09cffa12
cc3dd6744baaaf03ec4ec6da71ea7ff3b430f3137527ee8475cb8014653b92f1
cc98b58c04f2c09b679e319f09ad511ab310e3052fca4500374b366c9c3351e3
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb78871cea82ed4e1ff7e0ac8c6f4d9df233ab3da375bc686cb371742b80d71
d0aa8794eae4d207f8bffd02baf1c4e2f1551f252caaf6c86e06395d309183c3
d0c65f2d0440a5042436e0486c5db562a84c79256b1c8b05f46f2b6420bdb490
d24ebc6f20e5873edd3fb5b4ee0b6a27f66ee6aaa31de975b0905440a9c2f930
d2542f68ee9ccbd3000b50f251b2b91220d264aeda99fe82fd1861d6de53d65c
d370befa08e3820a1df956ae59f4be3f4baae67ca7af79eca64f7e82f8a1b280
d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d
d48aa26065f58dbdee1eecdc9f990b187086b035ba25c67915205a3f775b7a41
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d5d337d33c62949c8e88278fd431574951daced8e26f0b8eb77a9512368edcbc
d65858766c18e590ab92481d0e8a678e411499055547dd170cfff3b0fd4c4a63
d913a3ce24c14263a5e1ce227c5d62d30eb4a5ba50b5ccf9a9c0bb555c9ffd0f
d941c3169786042009a53272250a6fad837d2efd07b00595c5cd6d9b13291c0c
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
d982b888f5002f4b75035abff99147fa1f0603b583104d6e11dbe393cda08896
daec4b2d4342b3e5f6f7088d78a505213d5e64d4ca4c3e142e493da0277490f8
db157c008aec98aeb27a9f747d3834a1199d40b46abb9c092b19c23f5bc5915b
dce009260c83128b674841cb92b03faf749468dceca09a813fdadd318c4bfbd2
dd095c24c35d71096971dcb92cdaaffb0bf65a999f7df55b9784ed9e6d0d50ef
de2cb677723b2ab3e96674453a2ce1428c1936a50979be31af259cfb1a21f345
de88b59ebc04d71fcaed2f497c39da1e3acb1a4a7c217dd632c41310f565b4e5
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309
e2139e1ab6d9c948b6c753ecc6cd83e91cbcfc4b7a41c97b4fba41bee02e09f2
e2e817bcf7b6b96a3581a9b209e9d79660e4ee2e301865bb3e4c407456694c01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64f421b5306d939ff1c76a6bb61c3b75458c70cf8bffca46a7f2c37b6f495df
e96cb341920c3968d6ebb8a2b719f0dc642a155805df2ca888bd552aac42a0ad
e984ba835c2cb285b6f5fcc4d1719d2cd1f20c77db6155f1b10a3c1aeab22948
ea3ea87565b91dfe4d2aff12c2930b152ea970d613f6f0b2f3895f73cc653765
eae6f8358af068fbf0fd78d705c567f3a69c0e251e95044dba07813c5989c8ba
ed1e8b46a73e231cd10baccb526b7525610b494f0f7d45698ad6eff035814c73
ee514faec1944752720cd0f3c6f3664f9fa42c7dc31ab396a0e5cfee7a4cf4e8
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c96e196dce28ba0c0b407b4f262d5555c61e6b7c1126fd810413d6f30c14c8
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4e8b8e93d3ebbf5d4e1d58bb516932af1e2439f82688b966eaacd05710cd1dd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f82e7d3c2247ad3fd88b985184bb14528a6aa4dd9a252258720c6aff947b88d3
f99e14af3f432d5d5530b1b9e060dea30e2a40bd7bdc57f3f1585b950c5f18b2
f9f31e2fce4dedf23cec6ef00d6a2f76c28e97f08809836930a3190d04d5a619
fa107458d2ccfc7cd362c7ea3110911fe7bf2e87e1ab141f180473d6a98948b0
faf79cb9e29372a0c931d3c576f286c1ae40f22a5c24c089ab51e06685775660
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff27129ffea7830b0d143c31815d7a14c9eaddf82a10ad6579acdd7d679fbbc5