app2-staging.querofinanciar.com Open in urlscan Pro
2606:4700:3108::ac42:2b29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app2-staging.querofinanciar.com/
Submission: On June 06 via api (June 6th 2024, 1:57:28 am UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 29 domains to perform 108 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b29, located in United States and belongs to CLOUDFLARENET, US. The main domain is app2-staging.querofinanciar.com.
TLS certificate: Issued by GTS CA 1P5 on April 27th 2024. Valid for: 3 months.

This is the only time app2-staging.querofinanciar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:310... 2606:4700:3108::ac42:2b29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:9e00:11:bd8b:3000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.217.117.96 52.217.117.96	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	204.141.42.49 204.141.42.49	2639 (ZOHO-AS) (ZOHO-AS)
2	2606:4700:20:... 2606:4700:20::ac43:4bbd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.185.191.84 18.185.191.84	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2.18.64.15 2.18.64.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	35.237.183.236 35.237.183.236	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
3	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:e87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	23.46.150.82 23.46.150.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	136.143.191.190 136.143.191.190	2639 (ZOHO-AS) (ZOHO-AS)
2	3.69.37.240 3.69.37.240	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::35	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::201b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
108	39

10 2606:4700:3108::ac42:2b29 (United States)

ASN13335 (CLOUDFLARENET, US)

app2-staging.querofinanciar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9e00:11:bd8b:3000:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pagesense.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.117.96 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.141.42.49 (United States)

ASN2639 (ZOHO-AS, US)

crm.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bbd (United States)

ASN13335 (CLOUDFLARENET, US)

track.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.191.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com

widget.manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.237.183.236 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 236.183.237.35.bc.googleusercontent.com

api.reclameaqui.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e87 (United States)

ASN13335 (CLOUDFLARENET, US)

mccdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.46.150.82 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-150-82.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.143.191.190 (United States)

ASN2639 (ZOHO-AS, US)

pagesense-collect.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.37.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-37-240.eu-central-1.compute.amazonaws.com

manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-kpzbp472aa-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4890 (United States)

ASN13335 (CLOUDFLARENET, US)

veiculos.fipe.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70 firebase.googleapis.com — Cisco Umbrella Rank: 3934 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 643 firestore.googleapis.com — Cisco Umbrella Rank: 1578 storage.googleapis.com — Cisco Umbrella Rank: 451 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 503 www.googleapis.com — Cisco Umbrella Rank: 54	6 KB
10	querofinanciar.com app2-staging.querofinanciar.com	858 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 780	249 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 351 www.linkedin.com — Cisco Umbrella Rank: 553 px4.ads.linkedin.com — Cisco Umbrella Rank: 6771	4 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	214 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	4 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	170 KB
5	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3163 www.google.com — Cisco Umbrella Rank: 5	423 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65 region1.google-analytics.com — Cisco Umbrella Rank: 2406	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	398 KB
3	gstatic.com fonts.gstatic.com	44 KB
3	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 943	2 KB
3	t.co t.co — Cisco Umbrella Rank: 713	880 B
3	google.de www.google.de — Cisco Umbrella Rank: 8139	190 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 63	440 B
3	manychat.com widget.manychat.com — Cisco Umbrella Rank: 85329 manychat.com — Cisco Umbrella Rank: 55875	1 KB
2	run.app server-side-tagging-kpzbp472aa-uc.a.run.app	968 B
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 11026 prism.app-us1.com — Cisco Umbrella Rank: 11133	8 KB
2	gaconnector.com track.gaconnector.com — Cisco Umbrella Rank: 58250	7 KB
2	zoho.com crm.zoho.com — Cisco Umbrella Rank: 43162 pagesense-collect.zoho.com — Cisco Umbrella Rank: 31603	4 KB
1	fipe.org.br veiculos.fipe.org.br	2 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 6473	819 B
1	mccdn.me mccdn.me — Cisco Umbrella Rank: 77478	287 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 137	2 KB
1	reclameaqui.com.br api.reclameaqui.com.br — Cisco Umbrella Rank: 208240	318 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 880	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 907	15 KB
1	amazonaws.com s3.amazonaws.com	5 KB
1	pagesense.io cdn.pagesense.io — Cisco Umbrella Rank: 27599	62 KB
108	29

	Domain	Requested by
10	app2-staging.querofinanciar.com	app2-staging.querofinanciar.com
8	analytics.tiktok.com	app2-staging.querofinanciar.com analytics.tiktok.com
6	www.facebook.com	app2-staging.querofinanciar.com
6	connect.facebook.net	app2-staging.querofinanciar.com connect.facebook.net mccdn.me
5	px.ads.linkedin.com	3 redirects snap.licdn.com app2-staging.querofinanciar.com
5	pagead2.googlesyndication.com	www.googletagmanager.com pagead2.googlesyndication.com app2-staging.querofinanciar.com
4	www.googleapis.com	app2-staging.querofinanciar.com
4	firestore.googleapis.com	app2-staging.querofinanciar.com
4	www.googletagmanager.com	app2-staging.querofinanciar.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	analytics.twitter.com	app2-staging.querofinanciar.com
3	t.co	app2-staging.querofinanciar.com
3	www.google.de	app2-staging.querofinanciar.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com app2-staging.querofinanciar.com
2	firebaseremoteconfig.googleapis.com	app2-staging.querofinanciar.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	firebaseinstallations.googleapis.com	app2-staging.querofinanciar.com
2	server-side-tagging-kpzbp472aa-uc.a.run.app	www.googletagmanager.com app2-staging.querofinanciar.com
2	manychat.com	app2-staging.querofinanciar.com
2	firebase.googleapis.com	app2-staging.querofinanciar.com
2	www.google.com	1 redirects app2-staging.querofinanciar.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	track.gaconnector.com	www.googletagmanager.com track.gaconnector.com
1	veiculos.fipe.org.br	app2-staging.querofinanciar.com
1	storage.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagesense-collect.zoho.com	cdn.pagesense.io
1	analytics.pangle-ads.com	analytics.tiktok.com
1	fonts.googleapis.com	app2-staging.querofinanciar.com
1	mccdn.me	widget.manychat.com
1	googleads.g.doubleclick.net	1 redirects
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	px4.ads.linkedin.com	app2-staging.querofinanciar.com
1	www.linkedin.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	api.reclameaqui.com.br	s3.amazonaws.com
1	diffuser-cdn.app-us1.com	app2-staging.querofinanciar.com
1	widget.manychat.com	www.googletagmanager.com
1	snap.licdn.com	app2-staging.querofinanciar.com
1	crm.zoho.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	s3.amazonaws.com	app2-staging.querofinanciar.com
1	cdn.pagesense.io	app2-staging.querofinanciar.com
108	44

This site contains no links.

Subject Issuer	Validity	Valid
querofinanciar.com GTS CA 1P5	`2024-04-27` - `2024-07-26`	3 months	crt.sh
cdn.pagesense.io Amazon RSA 2048 M02	`2023-08-01` - `2024-08-29`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-29` - `2025-03-29`	a year	crt.sh
gaconnector.com E1	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-15` - `2024-06-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.manychat.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-14` - `2025-04-13`	a year	crt.sh
diffuser-cdn.app-us1.com E1	`2024-05-28` - `2024-08-26`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
api.reclameaqui.com.br ZeroSSL RSA Domain Secure Site CA	`2024-03-26` - `2024-06-24`	3 months	crt.sh
*.googleadservices.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
prism.app-us1.com E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
mccdn.me E1	`2024-04-28` - `2024-07-27`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
manychat.com Sectigo ECC Domain Validation Secure Server CA	`2023-06-27` - `2024-07-27`	a year	crt.sh
*.a.run.app WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
edgecert.googleapis.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
storage.googleapis.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
fipe.org.br GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://app2-staging.querofinanciar.com/
Frame ID: 3AA975AA7A82AD9C397B7543A2216EDB
Requests: 99 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240604/r20110914/zrt_lookup_fy2021.html
Frame ID: 07B42EA67604FA9E720DEE72077A8A1B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5171047917079910&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717621214&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_18~27_14&aiixl=32_9~27_3&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717639041891&bpp=4&bdt=1033&idt=659&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2985107350592&frm=20&pv=2&ga_vid=649384941.1717639041&ga_sid=1717639043&ga_hid=1086504911&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334529%2C95334829%2C95334054%2C95334160%2C31078668&oid=2&pvsid=247178437721324&tmod=242091798&uas=0&nvt=1&fsapi=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=698
Frame ID: 7EAB5126F49785834A9EDA90A01F75D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AEA1B7248DE10A6EA17A9650C9D4D74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quero Financiar - Solicitação de Empréstimo

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

ManyChat (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

widget\.manychat\.com

Page Statistics

108
Requests

93 %
HTTPS

67 %
IPv6

29
Domains

44
Subdomains

39
IPs

4
Countries

2380 kB
Transfer

8266 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5855561%26time%3D1717639041659%26url%3Dhttps%253A%252F%252Fapp2-staging.querofinanciar.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJfV_7nGiH0iwAAAY_rQ9YYobFB-Qc9aqRbOo3Ck68i94JINBqcFYYnDrkmWWG49aAVIk75Etcj2Hx3ixgt_Aqz3f92xg

Request Chain 34

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934848219/?random=856708434&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&label=h-UTCL3yrqQYENvN4r0D&hn=www.googleadservices.com&frm=0&tiba=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&value=0&npa=1&pscdl=noapi&auid=1118573124.1717639041&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGO0KMyLCAFGpileXmFkFsBKm-iI6uwV-gOQ&pscrd=IhMI4r27h_DFhgMVtvARCB3vEi_cMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KGh0dHBzOi8vYXBwMi1zdGFnaW5nLnF1ZXJvZmluYW5jaWFyLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/934848219/?random=856708434&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&label=h-UTCL3yrqQYENvN4r0D&hn=www.googleadservices.com&frm=0&tiba=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&value=0&npa=1&pscdl=noapi&auid=1118573124.1717639041&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI4r27h_DFhgMVtvARCB3vEi_cMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KGh0dHBzOi8vYXBwMi1zdGFnaW5nLnF1ZXJvZmluYW5jaWFyLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLgOJnhLTFv6a-i8W-RwvEtkF7zRH9UA&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGOy6uhiCjOW9LumR4nLP7RJz1zqT8644cpA&random=3011649248 HTTP 302
https://www.google.de/pagead/1p-conversion/934848219/?random=856708434&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&label=h-UTCL3yrqQYENvN4r0D&hn=www.googleadservices.com&frm=0&tiba=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&value=0&npa=1&pscdl=noapi&auid=1118573124.1717639041&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI4r27h_DFhgMVtvARCB3vEi_cMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KGh0dHBzOi8vYXBwMi1zdGFnaW5nLnF1ZXJvZmluYW5jaWFyLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLgOJnhLTFv6a-i8W-RwvEtkF7zRH9UA&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGOy6uhiCjOW9LumR4nLP7RJz1zqT8644cpA&random=3011649248&ipr=y

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
app2-staging.querofinanciar.com/ 21 KB
2 KB 64ms
28ms Document
text/html 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c058af1618fbbe045d6460f7a5e1af9562320653c88184740138975690f4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 88f4ca85088665e0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 06 Jun 2024 01:57:20 GMT
last-modified: Wed, 05 Jun 2024 21:00:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrjMRNYt860gRNPAoMlfkV4Ms0x2590HqiZfpbrnyLh2w6Ot8qOEQt5IvxCAYliQ8np%2BaX7QIxv8T2zrULKVnURM9ficvoNO%2FNXYa%2BMcJB7BYk%2BvjGXnm7o7%2FtheBs0hj75Z%2Fka%2FTP4kH%2Frtx3fxuKe9SIdYd3JtU4XABhU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230103-FRA
x-timer: S1717639041.823616,VS0,VE3

GET
H2 200 82af9474061c4655800e3bf92a3c9a22.js Show response
cdn.pagesense.io/js/querofinanciar/ 225 KB
62 KB 134ms
11ms Script
application/javascript 2600:9000:2156:9e00:11:bd8b:3000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pagesense.io/js/querofinanciar/82af9474061c4655800e3bf92a3c9a22.js
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9e00:11:bd8b:3000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 251c8fa46d31b35ed0881d44f921bb472504ff2f274372545d5b4fff22dcd444

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 23:27:28 GMT
x-amz-meta-cache-control: max-age=0
content-encoding: gzip
last-modified: Wed, 05 Jun 2024 22:09:27 GMT
server: AmazonS3
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"8dc500c4e0ef82e95fa4b3024f945e60"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=0
age: 8993
x-amz-cf-id: YJ5lZGhspfBrMCSB6plmIci4JCgySe3GNZH7Jmrs9WgH3uUbLYBGig==

GET
H/1.1 200
OK bundle.js Show response
s3.amazonaws.com/raichu-beta/ra-verified/ 4 KB
5 KB 335ms
119ms Script
application/javascript 52.217.117.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/raichu-beta/ra-verified/bundle.js
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.117.96 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c7250badf67ad81b6fc4806091cd5bb16f158bebd473cc209a7f8f1b4efb34e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 01:57:22 GMT
Last-Modified: Fri, 12 Apr 2024 18:38:13 GMT
Server: AmazonS3
x-amz-request-id: H676C2YREBK77XT7
ETag: "69d3da0b89ffa0a671145739eda9397b"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4284
x-amz-id-2: 2BzXgF3BN4FkVkbC6A0wqbMu0CkX0hu5UVwPs/kI1Qmb7NiprpqhHDw+2LFcUwAAp9A5Vp1yCqM=

GET
H3 200 emprestimo-solicitacao.js Show response
app2-staging.querofinanciar.com/js/ 3 MB
748 KB 401ms
401ms Script
text/javascript 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24704022f7e0189999c1f985b1f8ab7be88665bc7eef5649fed29311a0b7de01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3016854
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-yyz4523-YYZ
cf-bgj: minify
last-modified: Wed, 05 Jun 2024 18:54:34 GMT
server: cloudflare
x-timer: S1717617598.165982,VS0,VE237
etag: W/"5afc9571cdbf694aef1f79cf88f5ec95c0451873286e57dbd8b7060126f772f2-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDrkhKwEnBrURbPkoytoFZ%2BOOt4PfR7ovpZnnCHllCMMb4nw%2BcIA6%2FR9yniSkYP5C3dKCL7kx3fOlx2nxGI%2FrnXLsWWnpyKt01npHpSJbcIoTtWoGoWD0%2F2IEhLu%2FBG2gdfObcl3lt9KCLA4V%2F7WTpwpTLjrvvHCEM7D4VE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 88f4ca8568a965e0-FRA
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 345 KB
110 KB 62ms
35ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

389da406430ae24fa668d4bcb88bf0e04d1a7640ec75092a052bc7ab42d2fdf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112630
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 01:57:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
106 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CG66HNWP8L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5128583d8903248275d10e277117b7791bc0dc746288ca1a39a5490eb58e22fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jun 2024 01:57:21 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 266 KB
92 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-934848219&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1812ad6d7fcba36f135d6511879002daab094335e0899433f1ce0a46b5983ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93909
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 01:57:21 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 439ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-eddf8230068-FRA

GET
H2 200 zcga.js Show response
crm.zoho.com/crm/javascript/ 4 KB
3 KB 594ms
163ms Script
application/javascript 204.141.42.49
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.zoho.com/crm/javascript/zcga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.141.42.49 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

d96f4e2562d6e813901bdbd6fc16e2c4a133db6d851991909f0db8bdb5afb3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
referrer-policy: strict-origin
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 13:41:01 GMT
server: ZGS
strict-transport-security: max-age=63072000
etag: W/"4180-1717508461000"
x-frame-options: SAMEORIGIN
content-security-policy-report-only: script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.zoho.com https://*.zoho.in https://*.zoho.com.au https://*.zoho.com.cn https://*.zoho.eu https://*.zohocdn.com https://*.stratuscdn.com https://*.zohocdn.com.cn https://*.zappsusercontent.com https://*.zappsusercontent.sa https://*.zappsusercontent.ca https://*.zappsusercontent.jp https://*.zappsusercontent.eu https://*.zappsusercontent.in https://*.zappsusercontent.com.au https://*.zappsusercontent.com.cn https://*.localzappscontents.com https://*.zohostatic.com https://*.zohostatic.in https://*.zohostatic.com.au https://*.zohostatic.ca https://*.zohostatic.eu https://*.zohostatic.jp https://js.skydeskstatic.jp https://*.zoho.com https://media.twiliocdn.com/sdk/js/client/releases/1.7.7/twilio.min.js https://media.twiliocdn.com/sdk/js/client/v1.7/twilio.min.js https://s.ytimg.com/yts/jsbin/ https://www.youtube.com https://dyjgaef5vuq51.cloudfront.net https://d3prssb3z78snv.cloudfront.net https://dtzpfzv31buvf.cloudfront.net https://d22czkv2r5ogmg.cloudfront.net https://d12h6dzwzn4m10.cloudfront.net https://d31g2a6snus4ly.cloudfront.net https://d17nz991552y2g.cloudfront.net chrome-extension://* https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://cdn.pagesense.io https://zohotagmanager.cdn.pagesense.io https://www.zohowebstatic.com/ https://scripts.zohospotlight.com https://widgets.zohosalesiq.com https://*.zohopublic.com https://*.zohopublic.eu https://connect.facebook.net; report-uri https://logsapi.zoho.com/csplog?service=crm
content-type: application/javascript;charset=UTF-8
vary: accept-encoding
content-language: de-DE
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 gaconnector.js Show response
track.gaconnector.com/ 14 KB
6 KB 643ms
216ms Script
text/javascript 2606:4700:20::ac43:4bbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/gaconnector.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bec8cc0f96dcdc4419ab6695ae2df37817c26f0a10daa180286dfbfdb7a9b59

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PxpyEtmMd3LjrlHd6jrYcRqFd2kiZ20qTjEJglq%2FBtUoAEqqkfsf67obDFP898M%2BiUd9g8mqzLrK0uyYbU5WX%2FL7YPyKiQCVPDqN6I%2BrhcvgrGjAmc6jIRkLik52ErSZDZa0IkRU5RPje6rwDRCU9PXkhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 88f4ca8a3a0b9f35-FRA

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
51 KB 429ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5171047917079910

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dbc545d13403f7aacb4dc87decf360726119a9ea217fff70dad776bf1bd9d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52050
x-xss-protection: 0
server: cafe
etag: 2831080601823788850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 06 Jun 2024 01:57:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 433ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jun 2024 01:57:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: HfsI0q1rNIj3ljNge/Cgrn1hZcdqgvTAbvQOCo8fiWPtRZUm9B0fcQSjxmvXDZsFHv7sMg3kToPM1Eb7yQ3uBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 434ms
9ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=12237
accept-ranges: bytes
content-length: 16683

GET
H2 200 459515557587984.js Show response
widget.manychat.com/ 1 KB
1 KB 430ms
5ms Script
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.manychat.com/459515557587984.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 305e4b01a6f7087cc437810174e1a98574c38ee0e7630245e7fc84b88d4ee38f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
cache-control: no-store
content-encoding: gzip
content-type: text/plain; charset=utf-8

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 32 KB
8 KB 444ms
20ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bebf5c10ecacbfd4f556fd828f3768f5bff750e46c73b12352813f05a52516

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
via: 1.1 cdcf1be46a91676588ed8966c4b8eb12.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: LHR62-C3
age: 19
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 03 Jun 2024 21:28:58 GMT
server: cloudflare
etag: W/"7ed0644c4abce847d8cc4b5d6d10b0a5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 88f4ca8a38079064-FRA
x-amz-cf-id: y1tgv6oTuzUBiMyzZ6q0-9ycZeKoCpAZR-laIs7t46Yrq32jgEMTKQ==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 562ms
140ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP16J2JC77UADS7P9JDG&lib=ttq
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6f99a35e6356b39e5f74ea91ce1b60c469b4fd25ec8bb846471837d627cf2be9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 10e3a84.879db71
date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240606015721C966C177E518AA5C72AB-4C88260FAF25D59C-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 128,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=19, inner; dur=8
content-length: 1521
pragma: no-cache
server: nginx
x-tt-logid: 20240606015721C966C177E518AA5C72AB
x-cache-remote: TCP_MISS from a23-48-249-150.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.48.249.150
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640fad3ae477e41ba678f0bd483919e59799fa548d535ed847f165e0f16e077b752b066a2c7a968d664c43283b7ba7e4012fe630e51c408216b3d285806c730a694ceee99c68911594544d9f3e373f9fd924064baf014acb74ba78d5255965a1b638
expires: Thu, 06 Jun 2024 01:57:21 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 527ms
105ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP16P7JC77U8EGTRBRNG&lib=ttq
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 85efaa9d94b97d022667fe7a7913f552fbd40ac81a88a6e78ce4891e9fc628ce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 879db72
date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240606015721BC40EF69AD3C395F76F6-5E438A849A09F5F8-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=96
content-length: 2379
pragma: no-cache
server: nginx
x-tt-logid: 20240606015721BC40EF69AD3C395F76F6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,2.20.179.79
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640f9c45500c11fca6f0cd45f2f18af708b5b836638299e77c06ecdf673ebc7d1238fd806b19af0ce590d281a0c132362ab2fb86759677bff70886e62b2f37bef699a626d9bc5367437552be1481ac958849
expires: Thu, 06 Jun 2024 01:57:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 102ms
0ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jun 2024 01:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 978
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jun 2024 03:41:03 GMT

GET
H2 400 WmhmUDRoVVpKaWxPRWhCWDpxdWVyby1maW5hbmNpYXItY29t Show response
api.reclameaqui.com.br/embed-raverified/hash/ 92 B
318 B 756ms
98ms XHR
application/json 35.237.183.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.reclameaqui.com.br/embed-raverified/hash/WmhmUDRoVVpKaWxPRWhCWDpxdWVyby1maW5hbmNpYXItY29t
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/ra-verified/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.237.183.236 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.183.237.35.bc.googleusercontent.com
Software: /
Resource Hash: c3a2d03742f7798bb9910961fb8df845665e1dbe665ae22b2663a1860b57f20b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

via: kong/3.4.0
x-kong-proxy-latency: 0
vary: Origin
content-type: application/json
access-control-allow-origin: https://app2-staging.querofinanciar.com
x-kong-upstream-latency: 6
access-control-expose-headers: Content-Disposition,Set-Cookie
access-control-allow-credentials: true
content-length: 92

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/934848219/ 3 KB
2 KB 88ms
37ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/934848219/?random=1717639041266&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&label=h-UTCL3yrqQYENvN4r0D&hn=www.googleadservices.com&frm=0&tiba=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1118573124.1717639041&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-934848219&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5824f023628312a8fb50d6f042833e409b3dccd8497ba6d1728a64d3b4c19055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1736
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
265 B 132ms
0ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CG66HNWP8L&gtm=45je4630v885723351z8811075011za200zb811075011&_p=1717639041059&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=649384941.1717639041&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717639041&sct=1&seg=0&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&dt=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=547
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CG66HNWP8L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 45ms
16ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CG66HNWP8L&cid=649384941.1717639041&gtm=45je4630v885723351z8811075011za200zb811075011&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CG66HNWP8L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 85ms
35ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CG66HNWP8L&cid=649384941.1717639041&gtm=45je4630v885723351z8811075011za200zb811075011&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=178888972

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
10ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CG66HNWP8L&gtm=45je4630v885723351z8811075011za200zb811075011&_p=1717639041059&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=649384941.1717639041&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1717639041&sct=1&seg=0&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&dt=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&en=gtm.js&ep.event_name=Lead%20Created&ep.event_category=Zoho%20CRM&_et=4&tfd=563
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CG66HNWP8L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 359ms
172ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=cd45cd52-f9be-4b6c-9cd1-a347d3ae90dc&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eda46223-350d-4531-9e5d-e5bf096e186c&tw_document_href=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&tw_iframe_status=0&txn_id=ocd7s&type=javascript&version=2.3.30

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 157
date: Thu, 06 Jun 2024 01:57:21 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2b98b08e0440ee77
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 625caef2e97323bf4ce4ffa2f4fa28551557063647afa5132d73de11b51f6dfa
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
546 B 394ms
198ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=cd45cd52-f9be-4b6c-9cd1-a347d3ae90dc&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eda46223-350d-4531-9e5d-e5bf096e186c&tw_document_href=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&tw_iframe_status=0&txn_id=ocd7s&type=javascript&version=2.3.30

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 188
date: Thu, 06 Jun 2024 01:57:21 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: a7acdb070797663d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 37fa312e06e620fc8cd9d0a34ab79ae70b632428d7444afd64b5a23e4a1ec5d2
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
252 B 293ms
183ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=5ca1a730-2a2d-49c6-bb2d-d116f8924dd8&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eda46223-350d-4531-9e5d-e5bf096e186c&tw_document_href=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&tw_iframe_status=0&txn_id=ocd7s&type=javascript&version=2.3.30

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 155
date: Thu, 06 Jun 2024 01:57:21 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: faff8633290046f2
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 0926ff9e76945db055f250e06f013fa116977d4a7cb8e98cbb3ba67f39312a64
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 240ms
124ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=5ca1a730-2a2d-49c6-bb2d-d116f8924dd8&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eda46223-350d-4531-9e5d-e5bf096e186c&tw_document_href=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&tw_iframe_status=0&txn_id=ocd7s&type=javascript&version=2.3.30

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 114
date: Thu, 06 Jun 2024 01:57:21 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: c93586f19532e11d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 37fa312e06e620fc8cd9d0a34ab79ae70b632428d7444afd64b5a23e4a1ec5d2
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
252 B 259ms
174ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=433edc43-90bb-46a4-bf0b-619b43766773&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eda46223-350d-4531-9e5d-e5bf096e186c&tw_document_href=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&tw_iframe_status=0&txn_id=ocd7s&type=javascript&version=2.3.30

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 158
date: Thu, 06 Jun 2024 01:57:21 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0b81dea512cbf35c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 15601b62dca674d445c70c5fd729b4330cef2717935ab4ef2a303e5b45497380
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
546 B 294ms
179ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=433edc43-90bb-46a4-bf0b-619b43766773&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eda46223-350d-4531-9e5d-e5bf096e186c&tw_document_href=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&tw_iframe_status=0&txn_id=ocd7s&type=javascript&version=2.3.30

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 169
date: Thu, 06 Jun 2024 01:57:21 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 3cb0bac096044667
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 37fa312e06e620fc8cd9d0a34ab79ae70b632428d7444afd64b5a23e4a1ec5d2
content-length: 43

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
811 B 314ms
106ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A8837B905F714FD3966964F3E288DC85 Ref B: FRAEDGE1120 Ref C: 2024-06-06T01:57:21Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYaLwDyAYnx6Xm4jMH9cw==
x-fs-uuid: 00061a2f00f20189f1e979b88cc1fd73

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5855561%26time%3D1717639041659%26url%3Dhttps%253A%252F%252Fapp2-staging.querofina...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJfV_7nGiH0iwAAAY_rQ9YYobFB-...

0
263 B

208ms
106ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJfV_7nGiH0iwAAAY_rQ9YYobFB-Qc9aqRbOo3Ck68i94JINBqcFYYnDrkmWWG49aAVIk75Etcj2Hx3ixgt_Aqz3f92xg
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app2-staging.querofinanciar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Thu, 06 Jun 2024 01:57:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E02958E6C4234B17A241AB776845C541 Ref B: FRAEDGE1506 Ref C: 2024-06-06T01:57:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYaLwD/1A/Cxs/dr7zFWA==

Redirect headers

date: Thu, 06 Jun 2024 01:57:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DB43223C4B2D49E18236F4FBBD0CE16E Ref B: FRAEDGE2008 Ref C: 2024-06-06T01:57:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5855561&time=1717639041659&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJfV_7nGiH0iwAAAY_rQ9YYobFB-Qc9aqRbOo3Ck68i94JINBqcFYYnDrkmWWG49aAVIk75Etcj2Hx3ixgt_Aqz3f92xg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYaLwD8MEQ17ahvvZwWiw==

GET
H2 200 / Show response
prism.app-us1.com/ 0
313 B 363ms
174ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=92436774&u=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 75
cf-ray: 88f4ca8c8aae71c7-FRA
content-length: 0

GET
H2 200 677587577517189 Show response
connect.facebook.net/signals/config/ 58 KB
13 KB 99ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/677587577517189?v=2.9.157&r=stable&domain=app2-staging.querofinanciar.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29b746beb9dc430f53dd4e6939040ca7fec5a44cb2d84206769f8e7e99be994b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jun 2024 01:57:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=64, mss=1328, tbw=63495, tp=-1, tpl=-1, uplat=51, ullat=0
pragma: public
x-fb-debug: 5V1HkiWKOLraGvk2COFr0sgc2CkLdYLEBeV38dc2kp5Qw4+HHly+XYif+2BriVCpIE0GvbKoi0ScH1Le2LEopQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MTRiM2JhOTViMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 349 KB
102 KB 68ms
0ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP16P7JC77U8EGTRBRNG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 389c9647c6c700b608453680dd0e7b9977ca3ff76204d290cf54ee1c60d6f0ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 879dbf5
date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202406051609469435C1760D08872F87D1
x-tt-trace-id: 00-2406051609469435C1760D08872F87D1-763D842BA528D241-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015a2aae49e07a10620d6cfe3c54c005ab87a786bf6ea2b972ef7150f2b64e5201255d93c70fb15f3129d05e38eb365584bb99a5bc515687fdb8db1d74f3ecbbc3e194bb511ec8ba3f49cd384c620c53723471a1b34106b66073706bb11a4c0f4a
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=4
content-length: 103465

GET
H3

200

/
www.google.de/pagead/1p-conversion/934848219/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934848219/?random=856708434&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=...
https://www.google.com/pagead/1p-conversion/934848219/?random=856708434&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=13l3lPl2l1&dma_cps=sy...
https://www.google.de/pagead/1p-conversion/934848219/?random=856708434&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=13l3lPl2l1&dma_cps=syp...

42 B
64 B

23ms
23ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/934848219/?random=856708434&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&label=h-UTCL3yrqQYENvN4r0D&hn=www.googleadservices.com&frm=0&tiba=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&value=0&npa=1&pscdl=noapi&auid=1118573124.1717639041&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI4r27h_DFhgMVtvARCB3vEi_cMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KGh0dHBzOi8vYXBwMi1zdGFnaW5nLnF1ZXJvZmluYW5jaWFyLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLgOJnhLTFv6a-i8W-RwvEtkF7zRH9UA&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGOy6uhiCjOW9LumR4nLP7RJz1zqT8644cpA&random=3011649248&ipr=y

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app2-staging.querofinanciar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/934848219/?random=856708434&cv=11&fst=1717639041266&bg=ffffff&guid=ON&async=1&gtm=45be4630v891178679z8811075011za201zb811075011&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&label=h-UTCL3yrqQYENvN4r0D&hn=www.googleadservices.com&frm=0&tiba=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&value=0&npa=1&pscdl=noapi&auid=1118573124.1717639041&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI4r27h_DFhgMVtvARCB3vEi_cMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6KGh0dHBzOi8vYXBwMi1zdGFnaW5nLnF1ZXJvZmluYW5jaWFyLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLgOJnhLTFv6a-i8W-RwvEtkF7zRH9UA&eitems=ChAI8JmAswYQlv3ClaS4sJ8GEh0AOSrGOy6uhiCjOW9LumR4nLP7RJz1zqT8644cpA&random=3011649248&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
220 B 88ms
0ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1086504911&t=pageview&_s=1&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&ul=de-de&de=UTF-8&dt=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=769183515&gjid=1125322844&cid=649384941.1717639041&tid=UA-73650409-1&_gid=1618990800.1717639042&_r=1&_slc=1&gtm=45He4630n81TDGBF25v811075011za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=560752776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTRiM2JhOTViMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
100 KB 84ms
0ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP16J2JC77UADS7P9JDG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b696d943a5d725768a59d00a9fa7bd14c73d3f97340eabf55268b25cddc877ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 879dc48
date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240605160944FB20EC0D58AD842DBDA2
x-tt-trace-id: 00-240605160944FB20EC0D58AD842DBDA2-40516E0EF1DB2437-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018c400746f19662ca52b07e266491d5b542bc2154fa0dc23040166ebfb5096ddc70d506cbe194e0db54d0e3f0182914cdc82778aa58d72c8579ab74b7f053e49b3663396d3fa206cfb3aa8f3a0b1ce9a2ec27f5429b70555d236a28ea40f97614
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 101981

GET
H3 200 251866087795688 Show response
connect.facebook.net/signals/config/ 21 KB
4 KB 143ms
125ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/251866087795688?v=2.9.157&r=stable&domain=app2-staging.querofinanciar.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C137%2C161%2C148%2C110%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2233bc91684f6aff918cccfa67de059ddd6363d0232ffd370898451b6d4c32f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jun 2024 01:57:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4334, tp=9, tpl=0, uplat=60, ullat=0
pragma: public
x-fb-debug: C/q3wXUhapHE3Wc2oe5eDkm/NcKxob+evzEu2QzjZFl0Y/Lv+/hoa8y0C31EigN6V0JhwXmHFK6P2IdsD4z0XQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 180ms
0ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=677587577517189&ev=PageView&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com&rl=&if=false&ts=1717639041822&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717639041819.502762485692533676&pm=1&hrl=6b3f60&ler=empty&cdl=API_unavailable&it=1717639041702&coo=false&cs_cc=1&rqm=GET

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2801, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jun 2024 01:57:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 221ms
174ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=677587577517189&ev=PageView&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com&rl=&if=false&ts=1717639041822&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717639041819.502762485692533676&pm=1&hrl=6b3f60&ler=empty&cdl=API_unavailable&it=1717639041702&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x89b888d4a3b57b10","source_keys":["1","2"]},{"key_piece":"0xf3c0e661747c00a8","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 06 Jun 2024 01:57:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1328, tbw=3153, tp=-1, tpl=-1, uplat=168, ullat=0
pragma: no-cache
x-fb-debug: r33GM4TaA7EL9/3LBQ1C7mYJBb3PKV4j1k2MlaTRd/fClWpZQJNe4gMYpMZqC9VDlWjIlfbhTzZkCvgkhzxfLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 track_pageview
track.gaconnector.com/ 35 B
400 B 126ms
75ms Ping
text/javascript 2606:4700:20::ac43:4bbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/track_pageview?gaconnector_id=74986483-621f-42a1-8762-946ed3646160&account_id=de884cff1391007f996484b09145a01c&referer=&page_url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&gclid=&utm_source=&utm_medium=&utm_campaign=&utm_term=&utm_content=
Requested by: Host: track.gaconnector.com
URL: https://track.gaconnector.com/gaconnector.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 759c918b4b08fc0284a95e0f00347dfea780c2ad32bada5813c6a7338f5be1ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pE1syJ85pdCJjXA4aLOLrz4v35dvIDUud2aOQk3BTvl9dzdAynWe9hF58LTnWsL1cxE5r02Uvv24NLWKTmdF9MiMLXMBxnn5jDgblOVWbbr8BIkC2cJmh1XgKtHqtP8cWhFndvNFoXKT%2ByiAJCv0jx%2BXjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 88f4ca8bbbc89f35-FRA
content-length: 35

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/ 425 KB
144 KB 104ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5171047917079910&plah=app2-staging.querofinanciar.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5171047917079910

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45bfec41f7bfa680670c5491ae09de13a103501b651b87a517f3156ba3aff99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147235
x-xss-protection: 0
server: cafe
etag: 12270695325193907139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jun 2024 01:57:21 GMT

GET
H2 200 widget.js Show response
mccdn.me/assets/js/ 919 KB
287 KB 118ms
13ms Script
application/javascript 2606:4700:20::681a:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mccdn.me/assets/js/widget.js
Requested by: Host: widget.manychat.com
URL: https://widget.manychat.com/459515557587984.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d620baeb76205503a5666439d9dc125df3a336394e8d70e35489cf7ed7b17a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 14:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5816
etag: W/"666071e6-e5da1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UiM%2Fm7UWSgvZptBxeH4awynlDhzHI3J5qIVVyqHIYN%2BhkTjxynNf%2Fkw55nwQ7LH03HhQI4nd%2BhFApDHJ8k5cFtfWxouMeGkRlCv9wop9dE4XMmWsYJBqEPNzdPOx2Ac%2BvqHhWMTM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://manychat.com
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 88f4ca8d48c39b6e-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
360 B 193ms
17ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73650409-1&cid=649384941.1717639041&jid=769183515&gjid=1125322844&_gid=1618990800.1717639042&npa=1&_u=YADAAEAAAAAAACAAI~&z=696024207

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 01:57:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 normal.woff2
app2-staging.querofinanciar.com/cf-fonts/s/roboto/5.0.11/latin/400/ 15 KB
16 KB 33ms
32ms Font
application/octet-stream 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app2-staging.querofinanciar.com/cf-fonts/s/roboto/5.0.11/latin/400/normal.woff2
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Origin: https://app2-staging.querofinanciar.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zU6C7KYY5LbyYTYS%2FgiDC2G%2BqonLK4Cbp3k%2BBZgLgb9%2FwHhGvNqZkdhtk%2F3%2Bq01Ui%2FmOJjpye3ODos5ogVHdkAWAvEAkVcD7zVcYqsyY0Gyi3sCGKgHl2fQUHj96TCJ4uG9ddgDUMi6lGD7OUUoXD5u2Fn6S1Z65GSXR7og%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 88f4ca8eef9f65e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15744

GET
H3 200 83e2181153251ac29ac78c6001ad17df.png
app2-staging.querofinanciar.com/img/ 19 KB
20 KB 680ms
662ms Image
image/png 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app2-staging.querofinanciar.com/img/83e2181153251ac29ac78c6001ad17df.png

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8a8a44baab2984329b13674853f37e8030f1183e233753355a34ce541877f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:22 GMT
strict-transport-security: max-age=31556926
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=27332, status=vary_header_present
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 19495
x-served-by: cache-yyz4527-YYZ
cf-bgj: imgq:100,h2pri
last-modified: Wed, 05 Jun 2024 18:54:34 GMT
server: cloudflare
x-timer: S1717617599.881572,VS0,VE119
etag: "4211fd29075ab277436c23c94f03a007cb62a9f0b02adb6c3ea3ef1fae24a1e5-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JyytM9NAwxcb7O%2BTI0RTYPxppOhzW3rxSPFUA12qefOodeViuX5DcvpZw%2Bqb%2F1jFAp4A5Xrr0Gw1kBoosQuxANA1GegKvmHcsFZN3VijCMtmlBaYVVL8IXTZsbkqGQMaNNg%2Fzwwit9ljyZQu2t01oHRmp84hRR7joW0Sxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88f4ca8def2d65e0-FRA
x-cache-hits: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
36ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1086504911&t=event&ni=0&_s=1&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&ul=de-de&de=UTF-8&dt=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=etapa_carregada&ea=carregou_etapa_1&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=649384941.1717639041&tid=UA-73650409-1&_gid=1618990800.1717639042&gtm=45He4630n81TDGBF25v811075011za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=718699824

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:31:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41155
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
16ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73650409-1&cid=649384941.1717639041&jid=769183515&npa=1&_u=YADAAEAAAAAAACAAI~&z=1569353583

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 20ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73650409-1&cid=649384941.1717639041&jid=769183515&npa=1&_u=YADAAEAAAAAAACAAI~&z=1569353583

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
2 KB 56ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c7510cd1ecdcdbaf8d47f7e32f1ef6d2606f379c10cc95581e302cb148d95a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 01:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 01:18:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 01:57:22 GMT

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
40 KB 15ms
10ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 879df33
date: Thu, 06 Jun 2024 01:57:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211400005A6482EC8658954395AB
x-tt-trace-id: 00-2405211400005A6482EC8658954395AB-7D65582794A05721-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01bb7da6081e9cf70fa40d500e66dc7f748628c80e0f1c23442ca51ee8a2f8b68964c4f446120724fd2ca9707a41b0908b9313ba92036a2906c239a7d63f0bac733445c05cc1dc4ee260ea56789bff41382955417bb369ac05d71aab0981d5b1c3
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 40007

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
839 B 137ms
135ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8d47fee6.879df44
date: Thu, 06 Jun 2024 01:57:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406060157224C46C6BC5D34F15CAC2C-02834D0E8463A2D4-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 122,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=34, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406060157224C46C6BC5D34F15CAC2C
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.220.104.8
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640f266b72c7dc3e62c105391e444c9bd86c139fa624341873cf6c8d3a7e9dfcb20059eb1615da04276b74b3085cd2479bc53095cbad2c0e0e41dfad28fe796f8e07649ba1110550031d271dd5f6df1232a3a345850d0eb6a84bf6141bd184618eae
access-control-allow-headers: Authorization,*
expires: Thu, 06 Jun 2024 01:57:22 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
819 B 384ms
117ms Ping
text/plain 23.46.150.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.150.82 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-46-150-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1f4a76b
date: Thu, 06 Jun 2024 01:57:22 GMT
x-bytefaas-request-id: 20240606015722F56C72585DE8C23DC36A
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240606015722F56C72585DE8C23DC36A-2EA35C81DB513279-00
x-cache: TCP_MISS from a23-46-150-78.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240606015722F56C72585DE8C23DC36A
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.04
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640fba9ad1713014a020a050ec426e0dfcad67fc49812ab91d23ceb4b5c413e0ce0b734eac176dd2f62b5d5d34bd64726a1e2a1db11c60b503d3177dac5a81df2170e5ad2235a6bfc2ce478db7ccf94c8135
x-origin-response-time: 9,23.46.150.78
access-control-allow-headers: *
expires: Thu, 06 Jun 2024 01:57:22 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 136ms
134ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 879df47
date: Thu, 06 Jun 2024 01:57:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240606015722BC40EF69AD3C395F7772-3744E5389972DBED-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing: inner; dur=27, cdn-cache; desc=MISS, edge; dur=4, origin; dur=118
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240606015722BC40EF69AD3C395F7772
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 118,2.20.179.79
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640f9c45500c11fca6f0cd45f2f18af708b5b836638299e77c06ecdf673ebc7d1238a2a0abe8e448eee5af585693ae37a8db19e1cd0f7bacbd9c4d396764dab1cf07bc79a8981957b8331e8f2fd99adcf8bf
access-control-allow-headers: Authorization,*
expires: Thu, 06 Jun 2024 01:57:22 GMT

GET
BLOB 200
OK 9a6250da-f130-4a89-b7da-5007dc46c4cc
https://app2-staging.querofinanciar.com/ 10 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app2-staging.querofinanciar.com/9a6250da-f130-4a89-b7da-5007dc46c4cc
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae8c38c3aee3001df6dda0b79e0b5b84be682d5dc73268d95f3cd5d9874bc8d8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 10314
Content-Type

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:927210197346:web:89805bc0cd3abf88605c3b/ 330 B
410 B 42ms
25ms Fetch
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:927210197346:web:89805bc0cd3abf88605c3b/webConfig

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bf0507983d51b236c4352835f6602109f6e24b1b84aedb302e55de2469d3caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
accept: application/json
Referer: https://app2-staging.querofinanciar.com/
x-goog-api-key: AIzaSyAZvlMt73_CBpoKA1bx7oP-0vcjpoQ1hvo
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:927210197346:web:89805bc0cd3abf88605c3b/ Frame 0
0 90ms
25ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:927210197346:web:89805bc0cd3abf88605c3b/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://app2-staging.querofinanciar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 06 Jun 2024 01:57:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 psimg.gif
pagesense-collect.zoho.com/ 42 B
444 B 731ms
184ms Ping
image/gif 136.143.191.190
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pagesense-collect.zoho.com/psimg.gif?raw=%7B%22vrd%22%3A%5B%7B%22a%22%3A%22querofinanciar%22%2C%22p%22%3A%2282af9474061c4655800e3bf92a3c9a22%22%7D%5D%2C%22urd%22%3A%7B%22bv%22%3A%22Chrome%22%2C%22lv%22%3A%22de-DE%22%2C%22ov%22%3A%22Windows%22%2C%22dv%22%3A%22desktop%22%2C%22mdv%22%3A%22UNKNOWN%22%2C%22rv%22%3A%22%22%2C%22frv%22%3A%22%22%2C%22fcv%22%3A%22https%3A%2F%2Fapp2-staging.querofinanciar.com%2F%22%2C%22cv%22%3A%22https%3A%2F%2Fapp2-staging.querofinanciar.com%22%2C%22up%22%3A%5B%5D%2C%22tv%22%3A%22DIRECT%22%2C%22srv%22%3A%221600x1200%22%2C%22f%22%3A%221717639041049zabu0.09122022570315691%22%2C%22d%22%3A%221717639042522zabv0.010099825835023113%22%2C%22sid%22%3A%221717639042523zsc0.44330599786427816%22%2C%22ts%22%3A0%2C%22n%22%3Atrue%2C%22lp%22%3A%22https%3A%2F%2Fapp2-staging.querofinanciar.com%22%2C%22lpr%22%3A%22%22%2C%22fsrc%22%3A%22direct%22%2C%22fmdm%22%3A%22(none)%22%2C%22fchn%22%3A%22direct%22%2C%22ifr%22%3Atrue%2C%22isef%22%3Atrue%2C%22ht%22%3A%22pageview%22%2C%22iht%22%3Atrue%2C%22src%22%3A%22direct%22%2C%22mdm%22%3A%22(none)%22%2C%22chn%22%3A%22direct%22%2C%22dtte%22%3A%22Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo%22%7D%7D&type=21&domainname=querofinanciar

Requested by

Host: cdn.pagesense.io
URL: https://cdn.pagesense.io/js/querofinanciar/82af9474061c4655800e3bf92a3c9a22.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.190 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:23 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
server: ZGS
x-frame-options: DENY
content-type: image/gif;charset=UTF-8
access-control-allow-origin: *
content-disposition: attachment; filename="psimg.gif"
content-length: 42

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 14ms
11ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=251866087795688&ev=PageView&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com&rl=&if=false&ts=1717639042533&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717639041819.502762485692533676&pm=1&hrl=eec19c&ler=empty&cdl=API_unavailable&it=1717639041702&coo=false&cs_cc=1&cas=7477259389022007&rqm=GET

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1328, tbw=6363, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jun 2024 01:57:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
473 B 47ms
46ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=251866087795688&ev=PageView&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com&rl=&if=false&ts=1717639042533&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717639041819.502762485692533676&pm=1&hrl=eec19c&ler=empty&cdl=API_unavailable&it=1717639041702&coo=false&cs_cc=1&cas=7477259389022007&rqm=FGET

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe4a3fccabe0401d7","source_keys":["1","2"]},{"key_piece":"0x0542e12099220bf3","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 06 Jun 2024 01:57:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1328, tbw=6509, tp=-1, tpl=-1, uplat=39, ullat=0
pragma: no-cache
x-fb-debug: gw7eLuW2Q4RqN08MaYBaE3VBJ5CiFffF0KKlVvTyI01ikmesObqPUCcAuwFzeV8gE+3/gvLFcwOq702LDXFZtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240604/r20110914/ Frame 07B4 0
0 52ms
24ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240604/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5171047917079910&plah=app2-staging.querofinanciar.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app2-staging.querofinanciar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 75404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jun 2024 05:00:38 GMT
etag: 3711839061170457607
expires: Wed, 19 Jun 2024 05:00:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 7EAB 0
0 339ms
338ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5171047917079910&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717621214&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_18~27_14&aiixl=32_9~27_3&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717639041891&bpp=4&bdt=1033&idt=659&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2985107350592&frm=20&pv=2&ga_vid=649384941.1717639041&ga_sid=1717639043&ga_hid=1086504911&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334529%2C95334829%2C95334054%2C95334160%2C31078668&oid=2&pvsid=247178437721324&tmod=242091798&uas=0&nvt=1&fsapi=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=698

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app2-staging.querofinanciar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 4387
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 01:57:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 303ms
4ms Preflight 3.69.37.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.37.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-37-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app2-staging.querofinanciar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-max-age: 1728000
date: Thu, 06 Jun 2024 01:57:22 GMT

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
140 B 18ms
10ms XHR
application/json 3.69.37.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.37.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-37-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 06 Jun 2024 01:57:22 GMT
content-encoding: gzip
content-type: application/json

GET
H3 200 664863834282266 Show response
connect.facebook.net/signals/config/ 34 KB
7 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/664863834282266?v=2.9.157&r=stable&domain=app2-staging.querofinanciar.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C137%2C161%2C148%2C110%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82f88320edfdc0e77844d407a09d2e15b520edcec99e28e7419704f5f37ca735

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jun 2024 01:57:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=30, mss=1232, tbw=12766, tp=20, tpl=0, uplat=66, ullat=1
pragma: public
x-fb-debug: tL2OwqiiAseAQK2o98h1l/ml99EWaOR+GM1W57Y1WJU6T8vxzqPKmMd++JDK2FueEnPMuoRdZwD1+L/kwKbBVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CG66HNWP8L&gtm=45je4630v885723351za200zb811075011&_p=1717639041059&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=649384941.1717639041&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1717639041&sct=1&seg=0&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&dt=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&en=scroll&epn.percent_scrolled=90&_et=4&tfd=1949
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CG66HNWP8L&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
server-side-tagging-kpzbp472aa-uc.a.run.app/g/ 0
462 B 650ms
529ms Ping
text/html 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://server-side-tagging-kpzbp472aa-uc.a.run.app/g/collect?v=2&tid=G-CG66HNWP8L&gtm=45je4630v885723351z8811075011za200zb811075011&_p=1717639041059&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=649384941.1717639041&ul=de-de&sr=1600x1200&_fplc=0&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=4&sid=1717639041&sct=1&seg=1&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&dt=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&en=page_view&_et=1374&tfd=1960
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CG66HNWP8L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:23 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: 45e643e1f8cdb5a30e920e8163d0b665;o=1
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 06 Jun 2024 01:57:23 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
841 B 147ms
145ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 10e3dcf.879e0bf
date: Thu, 06 Jun 2024 01:57:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240606015722C966C177E518AA5C730A-0C5FEC4DD631179E-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 124,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=35, inner; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240606015722C966C177E518AA5C730A
x-cache-remote: TCP_MISS from a23-48-249-150.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.48.249.150
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640fad3ae477e41ba678f0bd483919e59799fa548d535ed847f165e0f16e077b752b066a2c7a968d664c43283b7ba7e4012f47bf170588a3a14718b5b042b8f9c5fd524aa1a2f6105a2b5bf4f2fadf9c5f893464c2e04e7236f44746c4266a82c10c
access-control-allow-headers: Authorization,*
expires: Thu, 06 Jun 2024 01:57:22 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: mccdn.me
URL: https://mccdn.me/assets/js/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a905175811f0e2b7b0404faf42dd4b4e142754a514650b915d4248423f5e863c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jun 2024 01:57:22 GMT
content-md5: epORAXFlsJFU/Sis9ms1hg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=28, mss=1232, tbw=10574, tp=17, tpl=0, uplat=1, ullat=-1
x-fb-debug: spJUEW6fWgv3g/YCiamVZ4z5m3ho8MljOm5kmrU+JCbQ1YwYnhepmquayGw8oMpnJPtDoxgMi82I3a0JSgE/8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4cf9866fa7ddbf6d55fb94508c80f805
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b54feec507bcecebb65a4d809d5ed8e0"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 06 Jun 2024 02:09:21 GMT

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/querofinanciar1-staging/ 624 B
679 B 389ms
372ms Fetch
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/querofinanciar1-staging/installations

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a54528ad67ff0e6316e674e0a8b641c9f9cc08ac1b74bfb58ba4f684a0c3f960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://app2-staging.querofinanciar.com/
x-goog-api-key: AIzaSyAZvlMt73_CBpoKA1bx7oP-0vcjpoQ1hvo
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/querofinanciar1-staging/ Frame 0
0 119ms
18ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/querofinanciar1-staging/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://app2-staging.querofinanciar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 06 Jun 2024 01:57:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CLH1G4WYEM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDGBF25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddca6f85b1fbe29c86ffcc688cfcb4d168d0b5f59fd0b43067cdb2b0f16219fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jun 2024 01:57:22 GMT

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
462 B 1560ms
1472ms XHR
text/plain 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fquerofinanciar1-staging%2Fdatabases%2F(default)&VER=8&RID=46045&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F8.2.9%0D%0AContent-Type%3Atext%2Fplain%0D%0A&zx=kuiaqrxkk5cm&t=1

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0400e88a93f79563c007b66fc0dc00d4a3b1ecbb421955552fcbb7aff10b088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Jun 2024 01:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: 48l39JDPTUKaANzsB_B7ZiisWROacyp72vZrpGNnSp4

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 299 KB
86 KB 60ms
32ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=8fa2799319803eaeaaebccfb5f81ff8f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7644093f5abd5c98c1ffd765273290e65c9cb45c116fb3951582992de069e5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Origin: https://app2-staging.querofinanciar.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jun 2024 01:57:22 GMT
content-md5: +rUoxVqSX2k1ChA2YHxx7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87644
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4335, tp=9, tpl=0, uplat=3, ullat=-1
x-fb-debug: TqTmV0HNIYJbuYu90mCGV25bo7OFlfcVKCrZFtjoYfmr+1myO6ojUvvCaKn8O/EVsSCo4gSBtP1nPJ1q1WP0DQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4492f0662223266e3465a2d66edae621
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "4d65738d0db9a64d1550ce1020efbdc8"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Jun 2025 00:35:36 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 43ms
13ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=664863834282266&ev=PageView&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com&rl=&if=false&ts=1717639042796&sw=1600&sh=1200&v=2.9.157&r=stable&a=gtmss&ec=0&o=4124&fbp=fb.1.1717639041819.502762485692533676&pm=1&hrl=f2dc43&ler=empty&cdl=API_unavailable&cs_est=true&it=1717639041702&coo=false&eid=b01d4f08-3b05-457a-a491-8b53248245c5_1717639041059.17&cs_cc=1&cas=7477259389022007%2C4110636079035352%2C3929252393859310%2C3225225010870195%2C3291589997553045%2C2903992022982038%2C2886264138076511&rqm=GET

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4382, tp=10, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jun 2024 01:57:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 94ms
63ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=664863834282266&ev=PageView&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com&rl=&if=false&ts=1717639042796&sw=1600&sh=1200&v=2.9.157&r=stable&a=gtmss&ec=0&o=4124&fbp=fb.1.1717639041819.502762485692533676&pm=1&hrl=f2dc43&ler=empty&cdl=API_unavailable&cs_est=true&it=1717639041702&coo=false&eid=b01d4f08-3b05-457a-a491-8b53248245c5_1717639041059.17&cs_cc=1&cas=7477259389022007%2C4110636079035352%2C3929252393859310%2C3225225010870195%2C3291589997553045%2C2903992022982038%2C2886264138076511&rqm=FGET

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1a88ae7906e71d2a","source_keys":["1","2"]},{"key_piece":"0xe1a4193d8bf482bc","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 06 Jun 2024 01:57:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=23, mss=1232, tbw=4750, tp=13, tpl=0, uplat=42, ullat=0
pragma: no-cache
x-fb-debug: /pkd7WpxCiJ6/4vKST1rR95cRPnPggxJfxZI4hrjUnPrijIxLgRvKGcuHYl0awhUwgw+z4Nxa/+Z4QUnB7Ys5w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CLH1G4WYEM&gtm=45je4630v883805395za200zb811075011&_p=1717639041059&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&_fid=e_UDnrZIkMflucomvYmF-e&cid=649384941.1717639041&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717639042&sct=1&seg=0&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&dt=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase&tfd=2184&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLH1G4WYEM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
206 B 125ms
118ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://app2-staging.querofinanciar.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6017B66D80B24E3D97BEEB3B54B01698 Ref B: FRAEDGE2008 Ref C: 2024-06-06T01:57:22Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://app2-staging.querofinanciar.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYaLwEDFWJ9vNG/3+aVkA==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 52ms
35ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240604&st=env

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d59923797e6ad329fde335aaabf6632937a6e5fb1e8eea03261d5f899cfc0d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12459
x-xss-protection: 0

GET
H2 200 favicon_32x32.png
storage.googleapis.com/querofinanciar-public/ 1 KB
2 KB 257ms
193ms Other
image/png 2a00:1450:4001:810::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/querofinanciar-public/favicon_32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9427e624852e5eafa4380b32cbd1c672887556c26070a9072124c3ba1b129505

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:23 GMT
x-guploader-uploadid: ABPtcPoH1LfKOy45YiPb1zLvTLRYAnAaIJ4TfBzauhpx0N1KSNz43KpfK_5tBixr3qVjKeZxMickxZqMRQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1296
last-modified: Fri, 07 May 2021 17:46:27 GMT
server: UploadServer
etag: "69cb23b8a705d5208b3859377c569163"
x-goog-generation: 1620409587318750
content-type: image/png
content-language: en
x-goog-hash: crc32c=6DGcfg==, md5=acsjuKcF1SCLOFk3fFaRYw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1296
accept-ranges: bytes
expires: Thu, 06 Jun 2024 02:57:23 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 51ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 01:57:23 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AEA 0
0 28ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app2-staging.querofinanciar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 28096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jun 2024 18:09:07 GMT
expires: Thu, 05 Jun 2025 18:09:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 collect Show response
server-side-tagging-kpzbp472aa-uc.a.run.app/g/ 65 B
506 B 646ms
645ms XHR
text/plain 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://server-side-tagging-kpzbp472aa-uc.a.run.app/g/collect?v=2&tid=G-CG66HNWP8L&gtm=45je4630v885723351z8811075011za200zb811075011&_p=1717639041059&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=649384941.1717639041&ecid=1240670384&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1717639041059&sst.ude=0&_s=5&sid=1717639041&sct=1&seg=1&dl=https%3A%2F%2Fapp2-staging.querofinanciar.com%2F&dt=Quero%20Financiar%20-%20Solicita%C3%A7%C3%A3o%20de%20Empr%C3%A9stimo&en=gtm.dom&ep.event_id=b01d4f08-3b05-457a-a491-8b53248245c5_1717639041059.17&ep.event_name=PageView&_et=2&tfd=2461&richsstsse

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:23 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no
expires: Thu, 06 Jun 2024 01:57:23 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 522 KB
0 1461ms
1460ms XHR
text/plain 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fquerofinanciar1-staging%2Fdatabases%2F(default)&gsessionid=48l39JDPTUKaANzsB_B7ZiisWROacyp72vZrpGNnSp4&VER=8&RID=rpc&SID=76byg_PsRYK56eJRr_TFzg&CI=0&AID=0&TYPE=xmlhttp&zx=zdcqt9ddh5qy&t=1

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Referer, origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: private, max-age=0
access-control-allow-credentials: true
x-debug-tracking-id: 9712356723528480042;o=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
50 B 1411ms
1410ms XHR
text/plain 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fquerofinanciar1-staging%2Fdatabases%2F(default)&VER=8&gsessionid=48l39JDPTUKaANzsB_B7ZiisWROacyp72vZrpGNnSp4&SID=76byg_PsRYK56eJRr_TFzg&RID=46046&AID=5&zx=cp0ni1tcgl78&t=1

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59e985a6b4503260116c50d3342d7b5bd34879a05f2a77521710b9caffd1f23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Jun 2024 01:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://app2-staging.querofinanciar.com
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
x-xss-protection: 0

POST
H3 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/querofinanciar1-staging/namespaces/ 96 B
125 B 217ms
217ms Fetch
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/querofinanciar1-staging/namespaces/firebase:fetch?key=AIzaSyAZvlMt73_CBpoKA1bx7oP-0vcjpoQ1hvo

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a5964f8b4666004b47acbb200c98317f02e74ad591f9c39c4b22393e131834a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Content-Encoding: gzip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://app2-staging.querofinanciar.com/
If-None-Match: *
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-querofinanciar1-staging-firebase-fetch-370792094
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/querofinanciar1-staging/namespaces/ Frame 0
0 21ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/querofinanciar1-staging/namespaces/firebase:fetch?key=AIzaSyAZvlMt73_CBpoKA1bx7oP-0vcjpoQ1hvo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://app2-staging.querofinanciar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 06 Jun 2024 01:57:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 ConsultarTabelaDeReferencia Show response
veiculos.fipe.org.br/api/veiculos/ 10 KB
2 KB 715ms
617ms XHR
application/json 2606:4700:20::ac43:4890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://veiculos.fipe.org.br/api/veiculos/ConsultarTabelaDeReferencia

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcad76cc919fe325af8f4fecbd79d6481b411075305d7ded6ba22660602f6eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:26 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
alt-svc: h3=":443"; ma=86400
content-length: 1152
x-aspnetmvc-version: 5.2
server: cloudflare
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zU52IedFzdCyyAE%2FewIRCRPfBHdNMDgjVRjahhbWFigg%2FLbkkmcLzl0GXJkMbheyhH%2FyS66suw8ajAvbMmbB8uRFv9StnjOFJ2HetkL6xOr93W0TYMkwvuRaD3rC9X4xfikUjbLPm%2B3WfJgvCfqvEwpIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, s-maxage=0, max-age=10800
cf-ray: 88f4caa6dc5630f0-FRA
expires: Thu, 06 Jun 2024 04:57:26 GMT

POST
H2 200 signupNewUser Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 1 KB
1 KB 451ms
450ms XHR
application/json 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyAZvlMt73_CBpoKA1bx7oP-0vcjpoQ1hvo

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54af1cfe93d2562daab74da48a6b71c4bf333c4e2746ef43b71cead2854f2678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Client-Version: Chrome/JsCore/8.2.9/FirebaseCore-web
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://app2-staging.querofinanciar.com/
X-Firebase-Locale: pt-BR
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 982
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 signupNewUser
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 203ms
125ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyAZvlMt73_CBpoKA1bx7oP-0vcjpoQ1hvo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version,x-firebase-locale
Access-Control-Request-Method: POST
Origin: https://app2-staging.querofinanciar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version,x-firebase-locale
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 06 Jun 2024 01:57:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 258 B
227 B 146ms
146ms XHR
application/json 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyAZvlMt73_CBpoKA1bx7oP-0vcjpoQ1hvo

Requested by

Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1639abf73edf0fa33a6a46b7978c6a8e45158d95402f35270b1977643c341fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Client-Version: Chrome/JsCore/8.2.9/FirebaseCore-web
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://app2-staging.querofinanciar.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 01:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 112ms
111ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyAZvlMt73_CBpoKA1bx7oP-0vcjpoQ1hvo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://app2-staging.querofinanciar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app2-staging.querofinanciar.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 06 Jun 2024 01:57:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 88ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://app2-staging.querofinanciar.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:07:35 GMT
x-content-type-options: nosniff
age: 128992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:07:35 GMT

POST
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 0
0 208ms
207ms Ping
text/plain 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fquerofinanciar1-staging%2Fdatabases%2F(default)&VER=8&gsessionid=48l39JDPTUKaANzsB_B7ZiisWROacyp72vZrpGNnSp4&SID=76byg_PsRYK56eJRr_TFzg&RID=46047&TYPE=terminate&zx=wqo9o259xg5t
Requested by: Host: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/js/emprestimo-solicitacao.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 normal.woff2
app2-staging.querofinanciar.com/cf-fonts/s/roboto/5.0.11/latin/700/ 15 KB
16 KB 53ms
52ms Font
application/octet-stream 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app2-staging.querofinanciar.com/cf-fonts/s/roboto/5.0.11/latin/700/normal.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Origin: https://app2-staging.querofinanciar.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a51qadqi8w09D1%2BTzobwuNH9SlSFctZSjPsEa2b4n%2F33mWfBylitbTszpsOy2Cm1s8ZZjJTtdqfkls0gRcrViaJSp7kIGHLYIzGt%2FSTpGnONivismiBDKrlCdkUSdrLeEp2stEq298Y5DzlxJD4qxXoiqWByhfhjobAZJxo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 88f4cab10be165e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15860

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 83ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://app2-staging.querofinanciar.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:25:00 GMT
x-content-type-options: nosniff
age: 127947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14780
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:25:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 90ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://app2-staging.querofinanciar.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:14:21 GMT
x-content-type-options: nosniff
age: 128586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:14:21 GMT

GET
H3 200 normal.woff2
app2-staging.querofinanciar.com/cf-fonts/s/roboto/5.0.11/latin/500/ 16 KB
16 KB 26ms
25ms Font
application/octet-stream 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app2-staging.querofinanciar.com/cf-fonts/s/roboto/5.0.11/latin/500/normal.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Origin: https://app2-staging.querofinanciar.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFKq8V37KLGZJTQnMy2UlSHwFn4i%2F9skFTGknwie%2BauRh95Or5lr6rPy77WgfeKbbsJMwu93NN3rLlt38RueWlhITRVyzeQ8nFcTVzje7yTA9uDrSJqQLE9PQecYZvk4E0xoyr8YObIWDNSCh9eNcJz8lqQuiQt7yNwTTYc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 88f4cab10be265e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15920

GET e2af1bca52c5d4c427726376b1f0b11e.svg
app2-staging.querofinanciar.com/img/ 0
0

GET
H3 200 9bd843b4aa9385f2db4c19687213f3d8.svg
app2-staging.querofinanciar.com/img/ 13 KB
4 KB 788ms
786ms Image
image/svg+xml 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app2-staging.querofinanciar.com/img/9bd843b4aa9385f2db4c19687213f3d8.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

588c756b381fad52060799a03ca80a78ac3744e794b49541fff8833a82387d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:28 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-yyz4556-YYZ
last-modified: Wed, 05 Jun 2024 18:54:34 GMT
server: cloudflare
x-timer: S1717617603.999583,VS0,VE130
etag: W/"caeb66649dd862e12d2694b273b289216385de184bfe39380ef7cc9c077d3c14-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jr5OBsAdiWuGoEgZtJ%2F7KS0Z1YL7gKuOPffkALm0gVKwSGAdKzafVNGEGJfxkwa1Xq5BorrlXlJMXTFOW5gC9HzNtji4xDfW2mElSvkSAXsJ3fwx%2FLqe5%2B%2FtpNSGJ7Y0PL1jZy%2FTalM%2FCW8BUtKmNdPW4M3PNq2DS%2BtP8gI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88f4cab10bdb65e0-FRA
x-cache-hits: 0

GET 43ad83544e84779b511d23cc3754c53f.png
app2-staging.querofinanciar.com/img/ 0
0

GET
H3 200 889be2ee28570cd46f61792ad5bff7bb.png
app2-staging.querofinanciar.com/img/ 13 KB
14 KB 319ms
317ms Image
image/png 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app2-staging.querofinanciar.com/img/889be2ee28570cd46f61792ad5bff7bb.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c6df7b89a6249e1798b20c99fae40ef0a4681b60563ae8bef20780b61172de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:28 GMT
strict-transport-security: max-age=31556926
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=14944, status=vary_header_present
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13309
x-served-by: cache-yyz4562-YYZ
cf-bgj: imgq:100,h2pri
last-modified: Wed, 05 Jun 2024 18:54:34 GMT
server: cloudflare
x-timer: S1717617603.000493,VS0,VE222
etag: "07206c70bff14e11133fbedf02eedf4d4608a04841954a6bdcf7236566bceed3-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqEBMtpdEtnIZ3F%2BEOYhmiQqNRo00Ue5WZrmiqyX8UBQta52qarxF33s2d7%2Bkzum8YCH9B4bGDqOiZf2FJT7XAHyQsv5%2FzZPKlwjat7E7es93%2F5854y3VArFRYUBlS7N2ov0qqOiMaQW7T1tbpKAJq6FA4nNPO5dt8WCP6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88f4cab10bdd65e0-FRA
x-cache-hits: 0

GET
H3 200 640d0b1e39b36fd2550c24f1e0237438.png
app2-staging.querofinanciar.com/img/ 8 KB
9 KB 170ms
168ms Image
image/png 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app2-staging.querofinanciar.com/img/640d0b1e39b36fd2550c24f1e0237438.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12da1fff20544b27bbdd0de0066974b73a8a9c6f79472d70463905c57a4ab03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:28 GMT
strict-transport-security: max-age=31556926
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=10141, status=vary_header_present
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8188
x-served-by: cache-yyz4537-YYZ
cf-bgj: imgq:100,h2pri
last-modified: Wed, 05 Jun 2024 18:54:34 GMT
server: cloudflare
x-timer: S1717617603.008037,VS0,VE118
etag: "2a0f36fd74e8ce41b8a70a676ace12569e7c1c8deb316b6c3aff7c7df69a43fe-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zpLoMK2WFwDXJ74Feh4AM7vsCBzs3apzs05%2FqDY2haeU8BJRGXBxUCwL9HAUh30vulJpq6p5%2BCd%2BpjGxDUMAitPnrSatfwyL6ulEtKhjQsFtZPif0J11FgbjGYm0y1bbXYtEEE3v7k0SHXSVLDAtWqD%2BUw2vxRVTqH21WHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88f4cab10bde65e0-FRA
x-cache-hits: 0

GET b207bbaee3f514c7bd6295661b32e2c0.png
app2-staging.querofinanciar.com/img/ 0
0

GET
H3 200 efbafc5d3c55e87d366abd647eef0551.png
app2-staging.querofinanciar.com/img/ 13 KB
14 KB 544ms
543ms Image
image/png 2606:4700:3108::ac42:2b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app2-staging.querofinanciar.com/img/efbafc5d3c55e87d366abd647eef0551.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9200602d4086469cae71b1db325781f0d6615d01498b43e183a64d6a2febeeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app2-staging.querofinanciar.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 01:57:28 GMT
strict-transport-security: max-age=31556926
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=18471, status=vary_header_present
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13732
x-served-by: cache-yyz4582-YYZ
cf-bgj: imgq:100,h2pri
last-modified: Wed, 05 Jun 2024 18:54:34 GMT
server: cloudflare
x-timer: S1717617603.045701,VS0,VE153
etag: "135d771e57c532f61d862dea83e0cebbf81c9d18cf02b4dee8303fa8526c875b-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=coh50rRPs72LuA7zjI9Oxq4VaTKObPnIZlB0OA2vDAF%2BIAIv75ZpW9Hp7Eu8CsOWXU3CHQf4fWjD%2F28Of6jSFbMaBL6uC1lGCDD2cRJLilV1zGJyxFe63h6Ys%2FAHXDcjdlm1flgXL1I%2BP8GJOYlMF2qVf0pm%2F5Gd3jRIOtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88f4cab10be065e0-FRA
x-cache-hits: 0

POST channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240604&jk=247178437721324&bg=!1dal1pnNAAb64txl2uI7ADQBe5WfONm4On7n7SckPrdZCibGEPl0McE7H3Q7ZkniZ21WGfcI3YUcq1Kkb3xU7yxklDIwAgAAAIhSAAAABGgBB34ANXeHp-hJ6BkxLgVd_0wnHn38A6vUMMB54ewjNcz6t_VGohERo4AEy3PdNFt7Q-UjaYQQxCBmmQKi2_5CDtFRQf7jfJi1HBJg2wkChPGnTfXXUJxdW3KFXPHwhLJOFRIK6wZy4yH_-9SO4g3_tPqU_lLmrMC5JCh1mA94kVMTm_q8wClmHnuL5ERdhE4q22VVNmTuFDXeR6hsWpC8fyDdD6LpAZWfK1nglCPT0TmlvMGwJq_fhwfcUiNWzdZNwFU4UtGo_Clivl5nzjdGFZEvyjyikEGz6nXr6nxMSs98As9y27cBMZHk5-ZUjhM8QQW8chUiGHPh-cDfwUQsdAKcJWW8Qv6wxhrHqGFMRZShl3TA0tYn9hgBQTY0Rca6F38gfLl8Z_4TXQvbVJjVVerzm16vdQGucqOa2AiqZpflpfDask_2XasAluJPjvrqRrtouA1dAbkTxJl7R_eWpnNA6Du-cnr_8gjZfOtJ__6_rkv8hYDoRbijws9L6lB7APGFl82O2U3HHPpohDsWG5UNTJMYYzEMbq3mDSeGNqgxHXqKBE7gOtqIEN25VrBu0cFuc1b7IwNYUGKs-EI95875nL2d6kVB6it3qpee0xCi35twUgwqUHzwJv_FS3DpF1UHR2p83fO3O9eazXldZbetM3svLwQs-Jx3f2gcUTa5dVAFKd9DIHaA4WtIJMfheVsBmfdnScc0OmT1zX1TsWpJPsdzFDmJ7mckEOfbRutWsOvn7mi2MTY9cL0SHvH-8h6gh0s50XKcEva30p7vtriUJuv8ryAVG7WlMXHBOOGPAOGIzDcSFlp8KrEJn1Bi-PQolmdlbFrw-rc7xspcVl5NP5bP5PsXwOHT4wio6sbXO9rgHGFrTJadhwT_yrH2mqgQTBD1YDpR1a0YI3N_-SKJFJpnZnTmzLl9m67LZeGGfNAzgWUfHX-e3kNvMaky2UOLXZvpy8sMtLL_Zws

Domain: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/img/e2af1bca52c5d4c427726376b1f0b11e.svg

Domain: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/img/43ad83544e84779b511d23cc3754c53f.png

Domain: app2-staging.querofinanciar.com
URL: https://app2-staging.querofinanciar.com/img/b207bbaee3f514c7bd6295661b32e2c0.png

Domain: firestore.googleapis.com
URL: https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fquerofinanciar1-staging%2Fdatabases%2F(default)&VER=8&RID=35139&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F8.2.9%0D%0AContent-Type%3Atext%2Fplain%0D%0AAuthorization%3ABearer%20eyJhbGciOiJSUzI1NiIsImtpZCI6IjMzMDUxMThiZTBmNTZkYzA4NGE0NmExN2RiNzU1NjVkNzY4YmE2ZmUiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9xdWVyb2ZpbmFuY2lhcjEtc3RhZ2luZyIsImF1ZCI6InF1ZXJvZmluYW5jaWFyMS1zdGFnaW5nIiwiYXV0aF90aW1lIjoxNzE3NjM5MDQ3LCJ1c2VyX2lkIjoiN2RVdlhQQlBPWGE2ZFQ2SEUxYkE1NG44enFjMiIsInN1YiI6IjdkVXZYUEJQT1hhNmRUNkhFMWJBNTRuOHpxYzIiLCJpYXQiOjE3MTc2MzkwNDcsImV4cCI6MTcxNzY0MjY0NywiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6e30sInNpZ25faW5fcHJvdmlkZXIiOiJhbm9ueW1vdXMifX0.nhLs57K4xZ5Dmjlk_5sVYdXOY81PhX13pzgdJqzgmY_xKxZbk1VzFktgHxMx-AQZUu1lQ0r0UaBPWUyd7BHUYzW6b875929jqjfbcEVv4AVrCJiAEfSpX_BfrgIS7xpu-ihwLvd4t-BEud0qXihsQUDKpYel5S2Fe0x7XQ012cBMYKq0WaLvy5haHcIg517MHFi-9DTdFuW8wjCuJwKJZh2wOMGfG-72rFwRr5uPl19KbMAxU00AB2Y0GnLeQ8mhtBb1xnQLUAqWT2PHDsC0CUKnQ8NM-5xzbNwxlwW0yhkowHco9KJgvGksH8UYuNJr5qLLPPiH_gq2yvJYmSevpw%0D%0A&zx=w2pn4co419z&t=1

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app2-staging.querofinanciar.com/	1970-01-21 05:52:55	Name: zabUserId Value: 1717639041049zabu0.09122022570315691
.querofinanciar.com/	1970-01-20 23:16:55	Name: _gcl_au Value: 1.1.1118573124.1717639041
.querofinanciar.com/	1970-01-20 21:08:45	Name: _gid Value: GA1.2.1618990800.1717639042
.querofinanciar.com/	1970-01-20 21:07:19	Name: _gat_UA-73650409-1 Value: 1
.tiktok.com/	1970-01-21 06:28:55	Name: _ttp Value: 2hUBzu0HneC8zH12M4q93IuA9jC
crm.zoho.com/	1969-12-31 23:59:59	Name: crmcsr Value: edd0dd06-8432-407c-918b-add03965929e
app2-staging.querofinanciar.com/	1970-01-20 21:50:31	Name: gclid Value: undefined
.querofinanciar.com/	1970-01-20 23:16:55	Name: _fbp Value: fb.1.1717639041819.502762485692533676
.doubleclick.net/	1970-01-20 21:07:19	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 23:16:55	Name: li_sugr Value: 1cf8cfdf-9cc3-4740-afcd-e8890aaf8173
.linkedin.com/	1970-01-21 05:52:55	Name: bcookie Value: "v=2&16884856-f929-41a8-8ab6-547c1113e306"
.linkedin.com/	1970-01-20 21:08:45	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3263:u=1:x=1:i=1717639041:t=1717725441:v=2:sig=AQE0Ez-o3-3AX-hJphherCgyWRoomYAb"
.t.co/	1970-01-21 06:43:19	Name: muc_ads Value: 1bbce5fa-bcb5-4c52-8a69-4c724841cbae
.twitter.com/	1970-01-21 06:43:19	Name: guest_id_marketing Value: v1%3A171763904192741883
.twitter.com/	1970-01-21 06:43:19	Name: guest_id_ads Value: v1%3A171763904192741883
.twitter.com/	1970-01-21 06:43:19	Name: personalization_id Value: "v1_JKm1nwWlMIMgaVdWyCXSCg=="
.twitter.com/	1970-01-21 06:43:19	Name: guest_id Value: v1%3A171763904192741883
prism.app-us1.com/	1970-01-20 21:50:31	Name: prism_92436774 Value: 7d6cd7cb-ec9a-4091-a399-cd78cda3a063
.linkedin.com/	1970-01-20 21:50:31	Name: UserMatchHistory Value: AQKbkvn3j1h-mwAAAY_rQ9UQtlS-K4Ua1xPLSRESctm4_UzlkheJpyV8f7tEPPFXmES3e2LVLwh8pQ
.linkedin.com/	1970-01-20 21:50:31	Name: AnalyticsSyncHistory Value: AQJQ6Y7gjhRmWgAAAY_rQ9UQGeoibXEnlhMMJA3I0R4uFRFKwxA0JBPj2g4i84WUuE1VuihlNlwU6FCDI8gZBQ
.querofinanciar.com/	1970-01-21 06:28:55	Name: _tt_enable_cookie Value: 1
.querofinanciar.com/	1970-01-21 06:28:55	Name: _ttp Value: GrhLZOLfn3YuNE6gbUkFjegux5N
.app2-staging.querofinanciar.com/	1970-01-20 21:07:20	Name: zsc82af9474061c4655800e3bf92a3c9a22 Value: 1717639042523zsc0.44330599786427816
.www.linkedin.com/	1970-01-21 05:52:55	Name: bscookie Value: "v=1&202406060157223f09266f-d0aa-4afa-8223-386341f35aebAQF9eB3FJyJh3JL4ha0h-2LN2Iazd99s"
.linkedin.com/	1970-01-21 01:26:31	Name: li_gc Value: MTswOzE3MTc2MzkwNDI7MjswMjHXQfXGFi7xK9h+yQNCS6EsNLEj4c0StEsNdhGp47Gm3Q==
.app2-staging.querofinanciar.com/	1970-01-20 21:07:22	Name: zft-sdc Value: isef%3Dtrue-isfr%3Dtrue-src%3Ddirect
.app2-staging.querofinanciar.com/	1970-01-21 05:52:55	Name: zps-tgr-dts Value: sc%3D1-expAppOnNewSession%3D%5B%5D-pc%3D1-sesst%3D1717639042524
.querofinanciar.com/	1970-01-21 06:43:19	Name: _ga_CG66HNWP8L Value: GS1.1.1717639041.1.1.1717639042.59.0.1240670384
.querofinanciar.com/	1970-01-21 06:43:19	Name: _ga_CLH1G4WYEM Value: GS1.1.1717639042.1.0.1717639042.0.0.0
.querofinanciar.com/	1970-01-21 06:43:19	Name: _ga Value: GA1.1.649384941.1717639041
pagesense-collect.zoho.com/	1969-12-31 23:59:59	Name: zfccn Value: ca92373c-626e-462e-9a89-98b39ec10532

64 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.reclameaqui.com.br/embed-raverified/hash/WmhmUDRoVVpKaWxPRWhCWDpxdWVyby1maW5hbmNpYXItY29t Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/(Line 4) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app2-staging.querofinanciar.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
api.reclameaqui.com.br
app2-staging.querofinanciar.com
cdn.pagesense.io
connect.facebook.net
crm.zoho.com
diffuser-cdn.app-us1.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
firestore.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
manychat.com
mccdn.me
pagead2.googlesyndication.com
pagesense-collect.zoho.com
prism.app-us1.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s3.amazonaws.com
server-side-tagging-kpzbp472aa-uc.a.run.app
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
storage.googleapis.com
t.co
tpc.googlesyndication.com
track.gaconnector.com
veiculos.fipe.org.br
widget.manychat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagmanager.com
www.linkedin.com
app2-staging.querofinanciar.com
firestore.googleapis.com
pagead2.googlesyndication.com
104.244.42.131
13.107.42.14
136.143.191.190
142.250.74.194
146.75.120.157
18.185.191.84
2.18.64.15
2001:4860:4802:32::35
2001:4860:4802:32::36
204.141.42.49
23.46.150.82
2600:9000:2156:9e00:11:bd8b:3000:93a1
2606:4700:20::681a:e87
2606:4700:20::ac43:4890
2606:4700:20::ac43:4bbd
2606:4700:3108::ac42:2b29
2606:4700::6812:80d8
2620:1ec:21::14
2a00:1450:4001:800::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::201b
2a00:1450:4001:811::200a
2a00:1450:4001:81d::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:26f0:480:f::213:7ec6
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.69.37.240
35.237.183.236
52.217.117.96
93.184.221.165
05bebf5c10ecacbfd4f556fd828f3768f5bff750e46c73b12352813f05a52516
0bec8cc0f96dcdc4419ab6695ae2df37817c26f0a10daa180286dfbfdb7a9b59
0bf0507983d51b236c4352835f6602109f6e24b1b84aedb302e55de2469d3caf
0c6df7b89a6249e1798b20c99fae40ef0a4681b60563ae8bef20780b61172de4
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d8a8a44baab2984329b13674853f37e8030f1183e233753355a34ce541877f5
12da1fff20544b27bbdd0de0066974b73a8a9c6f79472d70463905c57a4ab03b
1639abf73edf0fa33a6a46b7978c6a8e45158d95402f35270b1977643c341fb1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c7510cd1ecdcdbaf8d47f7e32f1ef6d2606f379c10cc95581e302cb148d95a6
2233bc91684f6aff918cccfa67de059ddd6363d0232ffd370898451b6d4c32f8
24704022f7e0189999c1f985b1f8ab7be88665bc7eef5649fed29311a0b7de01
251c8fa46d31b35ed0881d44f921bb472504ff2f274372545d5b4fff22dcd444
29b746beb9dc430f53dd4e6939040ca7fec5a44cb2d84206769f8e7e99be994b
305e4b01a6f7087cc437810174e1a98574c38ee0e7630245e7fc84b88d4ee38f
389c9647c6c700b608453680dd0e7b9977ca3ff76204d290cf54ee1c60d6f0ca
389da406430ae24fa668d4bcb88bf0e04d1a7640ec75092a052bc7ab42d2fdf3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45bfec41f7bfa680670c5491ae09de13a103501b651b87a517f3156ba3aff99c
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5128583d8903248275d10e277117b7791bc0dc746288ca1a39a5490eb58e22fd
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5
54af1cfe93d2562daab74da48a6b71c4bf333c4e2746ef43b71cead2854f2678
5824f023628312a8fb50d6f042833e409b3dccd8497ba6d1728a64d3b4c19055
588c756b381fad52060799a03ca80a78ac3744e794b49541fff8833a82387d00
59c058af1618fbbe045d6460f7a5e1af9562320653c88184740138975690f4ca
59e985a6b4503260116c50d3342d7b5bd34879a05f2a77521710b9caffd1f23d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6dbc545d13403f7aacb4dc87decf360726119a9ea217fff70dad776bf1bd9d15
6f99a35e6356b39e5f74ea91ce1b60c469b4fd25ec8bb846471837d627cf2be9
759c918b4b08fc0284a95e0f00347dfea780c2ad32bada5813c6a7338f5be1ab
7644093f5abd5c98c1ffd765273290e65c9cb45c116fb3951582992de069e5ae
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
82f88320edfdc0e77844d407a09d2e15b520edcec99e28e7419704f5f37ca735
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85efaa9d94b97d022667fe7a7913f552fbd40ac81a88a6e78ce4891e9fc628ce
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
9200602d4086469cae71b1db325781f0d6615d01498b43e183a64d6a2febeeeb
9427e624852e5eafa4380b32cbd1c672887556c26070a9072124c3ba1b129505
9a5964f8b4666004b47acbb200c98317f02e74ad591f9c39c4b22393e131834a
a1812ad6d7fcba36f135d6511879002daab094335e0899433f1ce0a46b5983ef
a54528ad67ff0e6316e674e0a8b641c9f9cc08ac1b74bfb58ba4f684a0c3f960
a905175811f0e2b7b0404faf42dd4b4e142754a514650b915d4248423f5e863c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae8c38c3aee3001df6dda0b79e0b5b84be682d5dc73268d95f3cd5d9874bc8d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b696d943a5d725768a59d00a9fa7bd14c73d3f97340eabf55268b25cddc877ca
c0400e88a93f79563c007b66fc0dc00d4a3b1ecbb421955552fcbb7aff10b088
c3a2d03742f7798bb9910961fb8df845665e1dbe665ae22b2663a1860b57f20b
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c7250badf67ad81b6fc4806091cd5bb16f158bebd473cc209a7f8f1b4efb34e3
d59923797e6ad329fde335aaabf6632937a6e5fb1e8eea03261d5f899cfc0d22
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
d96f4e2562d6e813901bdbd6fc16e2c4a133db6d851991909f0db8bdb5afb3a4
ddca6f85b1fbe29c86ffcc688cfcb4d168d0b5f59fd0b43067cdb2b0f16219fa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d620baeb76205503a5666439d9dc125df3a336394e8d70e35489cf7ed7b17a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fcad76cc919fe325af8f4fecbd79d6481b411075305d7ded6ba22660602f6eed

app2-staging.querofinanciar.com Open in urlscan Pro 2606:4700:3108::ac42:2b29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

93 %HTTPS

67 %IPv6

29 Domains

44 Subdomains

39 IPs

4 Countries

2380 kBTransfer

8266 kBSize

31 Cookies

0 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app2-staging.querofinanciar.com Open in urlscan Pro
2606:4700:3108::ac42:2b29 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

93 %
HTTPS

67 %
IPv6

29
Domains

44
Subdomains

39
IPs

4
Countries

2380 kB
Transfer

8266 kB
Size

31
Cookies

108 HTTP transactions
0 data transactions