emprestimosim.com.br Open in urlscan Pro
52.151.244.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://emprestimosim.com.br/
Submission: On December 16 via manual (December 16th 2021, 2:37:48 pm UTC) from BR — Scanned from DE

Summary HTTP 182 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 64 IPs in 9 countries across 50 domains to perform 182 HTTP transactions. The main IP is 52.151.244.28, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is emprestimosim.com.br.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 17th 2021. Valid for: a year.

This is the only time emprestimosim.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
65	52.151.244.28 52.151.244.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1 3	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	52.48.136.232 52.48.136.232	16509 (AMAZON-02) (AMAZON-02)
1	13.32.22.92 13.32.22.92	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:d55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	177.54.158.78 177.54.158.78	262287 (Maxihost ...) (Maxihost LTDA)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
4	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	13.32.22.49 13.32.22.49	16509 (AMAZON-02) (AMAZON-02)
3 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1503	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	54.94.251.185 54.94.251.185	16509 (AMAZON-02) (AMAZON-02)
5	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
1	143.204.209.102 143.204.209.102	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3033::ac43:a21b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	18.229.207.252 18.229.207.252	16509 (AMAZON-02) (AMAZON-02)
5 7	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	3.127.192.192 3.127.192.192	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	99.81.7.40 99.81.7.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
4 4	18.195.140.97 18.195.140.97	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:9a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	3.127.120.47 3.127.120.47	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	34.255.54.140 34.255.54.140	16509 (AMAZON-02) (AMAZON-02)
1 2	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	34.102.166.132 34.102.166.132	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	13.69.106.217 13.69.106.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
182	64

65 52.151.244.28 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

emprestimosim.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

9568187.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.136.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-136-232.eu-west-1.compute.amazonaws.com

smct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-92.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d55 (United States)

ASN13335 (CLOUDFLARENET, US)

plugins.soclminer.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.soclminer.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 177.54.158.78 (Jaboatao dos Guararapes, Brazil)

ASN262287 (Maxihost LTDA, BR)
PTR: game.strongerhosting.com.br

advcake.dataroyal.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hitbr.acstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-49.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1503 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.94.251.185 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-251-185.sa-east-1.compute.amazonaws.com

event.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-14643-9.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-102.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:a21b (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.rubiconredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scripts.rubiconredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.229.207.252 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-207-252.sa-east-1.compute.amazonaws.com

cms.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.22 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.192.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-192-192.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.7.40 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-7-40.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.140.97 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-140-97.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:9a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.120.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-120-47.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.54.140 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-54-140.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.133.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	emprestimosim.com.br emprestimosim.com.br	2 MB
10	criteo.com 4 redirects gum.criteo.com mug.criteo.com sslwidget.criteo.com widget.us.criteo.com dis.criteo.com	22 KB
10	doubleclick.net 3 redirects 9568187.fls.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	6 KB
8	yahoo.com sp.analytics.yahoo.com ads.yahoo.com ups.analytics.yahoo.com	2 KB
8	tailtarget.com tags.t.tailtarget.com d.tailtarget.com tt-14643-9.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	24 KB
7	adnxs.com 5 redirects ib.adnxs.com secure.adnxs.com	7 KB
6	clarity.ms 1 redirects www.clarity.ms c.clarity.ms b.clarity.ms	24 KB
6	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com sync-t1.taboola.com	28 KB
5	getblue.io event.getblue.io widget.getblue.io cms.getblue.io	4 KB
5	google.com www.google.com adservice.google.com	1 KB
5	typekit.net use.typekit.net	137 KB
4	advertising.com 4 redirects pixel.advertising.com	1 KB
4	rubiconredirect.com pixel.rubiconredirect.com scripts.rubiconredirect.com	5 KB
4	google.de www.google.de	693 B
4	tiktok.com analytics.tiktok.com	68 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	12 KB
3	facebook.com www.facebook.com	587 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	64 KB
3	google-analytics.com www.google-analytics.com	57 KB
3	facebook.net connect.facebook.net	57 KB
2	visualstudio.com dc.services.visualstudio.com	282 B
2	3lift.com 1 redirects eb2.3lift.com	737 B
2	addthis.com cw.addthis.com	856 B
2	tapad.com 1 redirects pixel.tapad.com	897 B
2	mgid.com 1 redirects cm.mgid.com	1 KB
2	mediawallahscript.com 1 redirects partner.mediawallahscript.com	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	360yield.com 1 redirects ad.360yield.com	855 B
2	soclminer.com.br plugins.soclminer.com.br api.soclminer.com.br	35 KB
2	googletagmanager.com www.googletagmanager.com	123 KB
1	rlcdn.com idsync.rlcdn.com	417 B
1	pubmatic.com simage2.pubmatic.com	679 B
1	tpmn.co.kr ad.tpmn.co.kr	601 B
1	turn.com 1 redirects d.turn.com	418 B
1	openx.net us-u.openx.net	275 B
1	smaato.net s.ad.smaato.net	239 B
1	media.net contextual.media.net	784 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	outbrain.com sync.outbrain.com	476 B
1	kargo.com crb.kargo.com	360 B
1	acstat.com hitbr.acstat.com	530 B
1	googleadservices.com www.googleadservices.com	14 KB
1	msecnd.net az416426.vo.msecnd.net	40 KB
1	dataroyal.com.br advcake.dataroyal.com.br	4 KB
1	criteo.net static.criteo.net	14 KB
1	smct.co smct.co	311 B
1	jsdelivr.net cdn.jsdelivr.net	3 KB
1	googleoptimize.com www.googleoptimize.com	36 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
182	50

	Domain	Requested by
65	emprestimosim.com.br	emprestimosim.com.br
5	use.typekit.net	emprestimosim.com.br
4	pixel.advertising.com	4 redirects
4	ups.analytics.yahoo.com
4	ib.adnxs.com	3 redirects event.getblue.io
4	www.google.de	emprestimosim.com.br
4	www.google.com	emprestimosim.com.br
4	gum.criteo.com	3 redirects static.criteo.net
4	analytics.tiktok.com	emprestimosim.com.br analytics.tiktok.com
3	secure.adnxs.com	2 redirects
3	dis.criteo.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	b.clarity.ms	az416426.vo.msecnd.net
3	www.facebook.com	emprestimosim.com.br
3	sp.analytics.yahoo.com	emprestimosim.com.br
3	bat.bing.com	emprestimosim.com.br bat.bing.com
3	9568187.fls.doubleclick.net	1 redirects www.googletagmanager.com emprestimosim.com.br
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	eb2.3lift.com	1 redirects
2	cw.addthis.com
2	pixel.tapad.com	1 redirects
2	cm.mgid.com	1 redirects
2	partner.mediawallahscript.com	1 redirects
2	r.casalemedia.com	1 redirects
2	x.bidswitch.net	1 redirects
2	ad.360yield.com	1 redirects
2	trc-events.taboola.com	az416426.vo.msecnd.net
2	scripts.rubiconredirect.com	pixel.rubiconredirect.com scripts.rubiconredirect.com
2	cms.getblue.io	event.getblue.io
2	cm.g.doubleclick.net	2 redirects
2	pixel.rubiconredirect.com	emprestimosim.com.br
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-14643-9.seg.t.tailtarget.com	emprestimosim.com.br d.tailtarget.com
2	d.tailtarget.com	emprestimosim.com.br d.tailtarget.com
2	event.getblue.io	www.googletagmanager.com event.getblue.io
2	c.clarity.ms	1 redirects emprestimosim.com.br
2	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
2	www.googletagmanager.com	emprestimosim.com.br tags.t.tailtarget.com
1	api.soclminer.com.br	az416426.vo.msecnd.net
1	idsync.rlcdn.com
1	simage2.pubmatic.com
1	ad.tpmn.co.kr
1	d.turn.com	1 redirects
1	us-u.openx.net
1	s.ad.smaato.net
1	contextual.media.net
1	ads.yahoo.com
1	pixel.rubiconproject.com
1	sync-t1.taboola.com
1	sync.outbrain.com
1	crb.kargo.com
1	t.tailtarget.com	emprestimosim.com.br
1	widget.getblue.io	event.getblue.io
1	hitbr.acstat.com	az416426.vo.msecnd.net
1	www.googleadservices.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	pubads.g.doubleclick.net	emprestimosim.com.br
1	az416426.vo.msecnd.net	emprestimosim.com.br
1	widget.us.criteo.com	emprestimosim.com.br
1	sslwidget.criteo.com	1 redirects
1	adservice.google.com	9568187.fls.doubleclick.net
1	c.bing.com	1 redirects
1	www.clarity.ms	bat.bing.com
1	mug.criteo.com	emprestimosim.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	trc.taboola.com	cdn.taboola.com
1	tags.t.tailtarget.com	emprestimosim.com.br
1	advcake.dataroyal.com.br	emprestimosim.com.br
1	plugins.soclminer.com.br	emprestimosim.com.br
1	static.criteo.net	www.googletagmanager.com
1	static.hotjar.com	emprestimosim.com.br
1	smct.co	www.googletagmanager.com
1	cdn.jsdelivr.net	emprestimosim.com.br
1	www.googleoptimize.com	emprestimosim.com.br
1	cdnjs.cloudflare.com	emprestimosim.com.br
182	78

This site contains links to these domains. Also see Links.

Domain
app.adjust.com
play.google.com
apps.apple.com
www.infomoney.com.br
fdr.com.br
exame.abril.com.br
olhardigital.com.br
economia.estadao.com.br
veja.abril.com.br
www.facebook.com
www.linkedin.com
www.youtube.com
www.instagram.com
api.whatsapp.com

Subject Issuer	Validity	Valid
emprestimosim.com.br Entrust Certification Authority - L1K	`2021-08-17` - `2022-09-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
smct.co Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
br.acstat.com R3	`2021-12-15` - `2022-03-15`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.getblue.io Amazon	`2021-10-15` - `2022-11-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.dev.kargo.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-06` - `2022-01-26`	2 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
ad.tpmn.co.kr GTS CA 1D4	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://emprestimosim.com.br/
Frame ID: A489A1EEAACDA0026BF52F28D309D69B
Requests: 150 HTTP requests in this frame

Frame: https://9568187.fls.doubleclick.net/activityi;dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F
Frame ID: C9A48576CDF89E351F05891C08F15D09
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=emprestimosim.com.br&origin=onetag
Frame ID: C6F689386BC58DE55DD399F675B6F485
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 3EDF8433CF7BB0598F7126A10DE18132
Requests: 1 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&v=13072020-1328&nocache=2932949402633.405
Frame ID: C7096DE769A49876B56AA60E52C8BFB1
Requests: 4 HTTP requests in this frame

Frame: https://scripts.rubiconredirect.com/safeframe
Frame ID: D0F60D66615A492AEBB96A370172B9A5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: 0F9C29B9F41A74D2205A9511831D47B9
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Online e Rápido | Empréstimo SIM

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

182
Requests

89 %
HTTPS

35 %
IPv6

50
Domains

78
Subdomains

64
IPs

9
Countries

2636 kB
Transfer

4543 kB
Size

90
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://app.adjust.com/cze52z4?campaign=chat_bot&deeplink=com.aymore%3A%2F%2F
Title: Disponível naGoogle Play

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aymore.sim
Title: Disponível naGoogle Play

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/empr%C3%A9stimo-sim/id1479233209
Title: Disponível naApp Store

Search URL Search Domain Scan URL

URL: https://www.infomoney.com.br/minhas-financas/santander-lanca-plataforma-digital-de-emprestimos-com-garantias-variadas-2/
Title: Link Infomoney

Search URL Search Domain Scan URL

URL: https://fdr.com.br/2020/10/10/santander-plataforma-de-emprestimos-sim-atinge-1-milhao-de-cadastros/

Search URL Search Domain Scan URL

URL: https://exame.abril.com.br/negocios/santander-ira-lancar-novas-plataformas-de-credito-para-brigar-com-fintechs/

Search URL Search Domain Scan URL

URL: https://olhardigital.com.br/2021/05/13/pro/fintech-de-emprestimo-pessoal-do-santander-alcanca-r-1-bi-em-carteira/

Search URL Search Domain Scan URL

URL: https://economia.estadao.com.br/blogs/coluna-do-broad/santander-quer-deslanchar-fintech-que-da-credito-pessoal-com-garantias-como-casas-carros-e-motos/

Search URL Search Domain Scan URL

URL: https://veja.abril.com.br/blog/radar-economico/fintech-do-santander-consegue-alcancar-lucratividade-em-seu-segundo-ano/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EmprestimoSim

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/emprestimo-sim

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUQmuTiOEyXHVXaKtyiWbGw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/emprestimosim/

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=551130034362
Title: (11) 3003-4362

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://9568187.fls.doubleclick.net/activityi;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F HTTP 302
https://9568187.fls.doubleclick.net/activityi;dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F

Request Chain 90

https://gum.criteo.com/sid/json?origin=onetag&domain=emprestimosim.com.br&sn=ChromeSyncframe&so=0&topUrl=emprestimosim.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ioEisXxtNGZCbDNWZ0pOTk5wSld2YjBsV1U1Qk5meEVkcy9uN1AvaU9DMEhENWdjNktNeXhRSzBGS3kvRnczZkUxTWx3VXNsRm5INEtweGpSaTBOQTd1MnFTSFRld3RpUkdiSkdRTlJvYkVkUkhXZmEyb2dZZzdOb1hETUYvdkliWDhpcnJmaGJNaUNmdUttdE53V0hGdC93TWEyQ21vS2hKSlZtVEVET0w4MTJYRW9WUXBKOGNnTVcxVUx3cWs4clBJNUxRQzlEVjRZUE8ya0RjRDlzeWloSEVsVzNlY3g5Y3NEQVUvNjFUdGhOcmY2U3FpOUxwWFMrcW1OZ3F2M21RdjYwUlU1QS9Sa0N4NElFS0ZOSlVaTGRNSk9URDFjUnNqbTM1eUowcHFEaVY4UT18&cppv=2

Request Chain 110

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=0E5B70F2F1554793BD17A204F6E9C6AF&RedC=c.clarity.ms&MXFR=188FAB4EFD0E622C0498BA41F90E6CB2 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=0E5B70F2F1554793BD17A204F6E9C6AF&MUID=34D8ED5BA1306E3E37DDFC54A05B6F58

Request Chain 112

https://sslwidget.criteo.com/event?a=67801&v=5.8.0&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%255B68248%252C67801%255D&adce=1&bundle=wTucHl96NktSanMxM3dSSXRvWWJQMlZsQnFKSXNuYUN5V1FnVG80ayUyRmJQdURLSXk2dDRVUGo2Vmc4JTJGek1uUiUyRktuMUpBZzV4aENySnV2RHozdGI2N0JKZmZvcE0xOHFzZHhpUnVNamxvbklsdjhJeWFPS2dlYnd2UmVJV3p4VU9aM3ZRaFd3TWNJWGhZREtVUTVKYlVmVk0lMkZPWTg3TnRlRmU5RVM2Q3pOVmFOZVdVNCUzRA&tld=emprestimosim.com.br&dtycbr=58232 HTTP 302
https://widget.us.criteo.com/event?a=67801&v=5.8.0&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%255B68248%252C67801%255D&adce=1&bundle=wTucHl96NktSanMxM3dSSXRvWWJQMlZsQnFKSXNuYUN5V1FnVG80ayUyRmJQdURLSXk2dDRVUGo2Vmc4JTJGek1uUiUyRktuMUpBZzV4aENySnV2RHozdGI2N0JKZmZvcE0xOHFzZHhpUnVNamxvbklsdjhJeWFPS2dlYnd2UmVJV3p4VU9aM3ZRaFd3TWNJWGhZREtVUTVKYlVmVk0lMkZPWTg3TnRlRmU5RVM2Q3pOVmFOZVdVNCUzRA&tld=emprestimosim.com.br&dtycbr=58232

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm&&google_sc&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&google_ula=6580826752&ula=6580826752&google_hm=RjRGMkUzMUMtNjQ1Ni00MzUwLTg5RDRENDUyODM4NDkwQTQ&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb HTTP 302
https://cms.getblue.io/cm/?src=adx&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&ula=6580826752&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&google_gid=CAESEGdCD_ugpV5-x8PncbVXaI4&google_cver=1&google_ula=6580826752,0

Request Chain 150

https://ib.adnxs.com/setuid?entity=449&code=F4F2E31C-6456-4350-89D4D452838490A4 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DF4F2E31C-6456-4350-89D4D452838490A4

Request Chain 151

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&appnexusid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3DF4F2E31C-6456-4350-89D4D452838490A4%26cid%3D5C452402-DDBE-CC15-BDE4291B44D501AB%26blueID%3D450c0659-6cf5-4209-91d1-6cb423ee7dbb%26appnexusid%3D%24UID HTTP 302
https://cms.getblue.io/cm/?src=appnexus&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&appnexusid=5550640032459651103

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1hY0VNc3Z2N3V6RVRzRHNUSEtKR29zSFpxRUVjSjhEUThYdjhLZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 157

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5550640032459651103

Request Chain 161

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-IvNIo_v7uzETsDsTHKJGosHZqEFIi_rG_XdqPQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IvNIo_v7uzETsDsTHKJGosHZqEFIi_rG_XdqPQ

Request Chain 164

https://pixel.advertising.com/ups/55945/sync?uid=k-nKkW-fv7uzETsDsTHKJGosHZqEEXktSwdsuymg&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-nKkW-fv7uzETsDsTHKJGosHZqEEXktSwdsuymg&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-nKkW-fv7uzETsDsTHKJGosHZqEEXktSwdsuymg&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

Request Chain 167

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-EzNVNPv7uzETsDsTHKJGosHZqEH8xOVlkrZl6g&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-EzNVNPv7uzETsDsTHKJGosHZqEH8xOVlkrZl6g&expires=30

Request Chain 168

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B50VAfv7uzETsDsTHKJGosHZqEFeCDvK9R66UQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B50VAfv7uzETsDsTHKJGosHZqEFeCDvK9R66UQ&C=1

Request Chain 171

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&custom=&tag_format=img&tag_action=sync&custom=&cb=a6448716-1fed-45ef-ae92-3aa92d90c768 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=a6448716-1fed-45ef-ae92-3aa92d90c768&final=true&reqid=bb2bb710-5e7d-11ec-bd86-653679b3667f&timestamp=2021-12-16T14%3A37%3A44.578Z

Request Chain 172

https://cm.mgid.com/m?cdsp=617660&c=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg HTTP 307
https://cm.mgid.com/m?c=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&cdsp=617660&sct=1

Request Chain 173

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg

Request Chain 175

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/64O73UqC71qE2HCiXj9LD5cvXXIw-MgQ/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8186999735332245094

Request Chain 178

https://eb2.3lift.com/xuid?mid=2711&xuid=k--ZqnBPv7uzETsDsTHKJGosHZqEFyNzKzPJKJtA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k--ZqnBPv7uzETsDsTHKJGosHZqEFyNzKzPJKJtA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 182

https://pixel.advertising.com/ups/55945/sync?uid=k-Siebbfv7uzETsDsTHKJGosHZqEEWxUYJWRv14w&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-Siebbfv7uzETsDsTHKJGosHZqEEWxUYJWRv14w&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

Request Chain 184

https://pixel.advertising.com/ups/55945/sync?uid=k-sD1-xvv7uzETsDsTHKJGosHZqEHFxjb76IQNhQ&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-sD1-xvv7uzETsDsTHKJGosHZqEHFxjb76IQNhQ&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

Request Chain 185

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=plJDk1Eh92HI2XpdqXNOR2sIPqyN6we4

182 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
emprestimosim.com.br/ 67 KB
13 KB 510ms
96ms Document
text/html 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fb57602da70594b9a0c016c0f38d17a826fc249c364f642fd2a944e8b9902282

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 16 Dec 2021 14:37:41 GMT
Content-Type: text/html
Content-Length: 12268
Connection: keep-alive
Content-MD5: Hn8rjj6k/Pwj+4o4U5JGDg==
Last-Modified: Thu, 16 Dec 2021 12:02:52 GMT
Accept-Ranges: bytes
ETag: "0x8D9C08BFCFDFC4C"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 41864488-901e-009d-1e75-f2c91d000000
x-ms-version: 2018-03-28
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=105

GET
H/1.1 200
OK hero-m-1.webp
emprestimosim.com.br/assets/images/home/mobile/ 22 KB
22 KB 99ms
99ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/mobile/hero-m-1.webp
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 87c1de9aea20cba9c3dcabaeb0bbfa8785928480d506c3c2b6ed90a726e5e486

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:41 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: dbYixasnYRLc7oDbPFNtHA==
ETag: "0x8D9C08C03A5523E"
Content-Type: application/octet-stream
x-ms-request-id: 42744efd-d01e-0078-3974-f2985f000000
Cache-Control: max-age=226
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22504

GET
H/1.1 200
OK hero-1.webp
emprestimosim.com.br/assets/images/home/desktop/ 82 KB
82 KB 377ms
185ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/desktop/hero-1.webp
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: acf5be56f209a330de84c19179e39d85f22ca8e89e864ae030a80e3f6c0d8349

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:04 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: CaaAkLPmwS/V54FtTQoe5A==
ETag: "0x8D9C08C044AEA32"
Content-Type: application/octet-stream
x-ms-request-id: d3c8ee32-e01e-00da-5575-f2a246000000
Cache-Control: max-age=378
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83780

GET
H/1.1 200
OK hero-m-1.jpg
emprestimosim.com.br/assets/images/home/mobile/ 86 KB
87 KB 98ms
98ms Image
image/jpeg 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/mobile/hero-m-1.jpg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8e35ac4fd1756306f009965d6fe9481b9397139a43391accbd2982f31ff934b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:04 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: u5CvYQSv8hfusChHMO/NpQ==
ETag: "0x8D9C08C03CF405D"
Content-Type: image/jpeg
x-ms-request-id: d3c937e6-e01e-00da-0675-f2a246000000
Cache-Control: max-age=437
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88278

GET
H/1.1 200
OK hero-1.jpg
emprestimosim.com.br/assets/images/home/desktop/ 195 KB
195 KB 97ms
96ms Image
image/jpeg 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/desktop/hero-1.jpg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c021dbaf03fa02196a021dafb20b30e306785b544390df3501032be13051306e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:04 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: EcJmmdaePvHqm+aXCzm2iQ==
ETag: "0x8D9C08C0403A9FA"
Content-Type: image/jpeg
x-ms-request-id: c5c18b39-101e-0048-0175-f22690000000
Cache-Control: max-age=224
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 199339

GET
H/1.1 200
OK style.min.css
emprestimosim.com.br/assets/css/ 285 KB
45 KB 196ms
96ms Stylesheet
text/css 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/css/style.min.css
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8ee7b97a5f26b72055e2952fd6d25cfae3a1c0bd1f202a3ad6a6f69ba7406071

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 4DTJUL3RXFhgolA2uvDFPg==
ETag: "0x8D9C08C07EDE2A8"
Vary: Accept-Encoding
Content-Type: text/css
x-ms-request-id: 54616f11-901e-0046-2875-f20f20000000
Cache-Control: max-age=541
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46089

GET
H2 200 jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 12 KB
3 KB 79ms
33ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1164554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2695
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUdqRjLbOmxmV2Hbofz0nSF%2B5BgPhh6fVWxmpb%2FQmYaEPvKfm5gAgRJue%2FDI%2Bf0at4kjKRqbDZgr%2FK61x9UcRYa8dxwF%2Byj9oX3eiusGCJNy2Q8p3Lr8aGCkJoLus1RjK39ik6LvrQbZueyJgn91m8xP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6be8a6b0ce9859ad-MXP
expires: Tue, 06 Dec 2022 14:37:41 GMT

GET
H/1.1 200
OK bootstrap.min.css
emprestimosim.com.br/assets/vendor/bootstrap/css/ 157 KB
24 KB 373ms
182ms Stylesheet
text/css 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Ov4V6XZzTZ2qwmMQEQxFlA==
ETag: "0x8D9C08C081E5917"
Vary: Accept-Encoding
Content-Type: text/css
x-ms-request-id: 4186dcc3-901e-009d-4575-f2c91d000000
Cache-Control: max-age=523
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23841

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 93 KB
36 KB 76ms
27ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5MGPS2G

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ced766df0eef2d357f99623b5f946b9eb4f999f91f181ab65d9b29f88c164a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36905
x-xss-protection: 0
expires: Thu, 16 Dec 2021 14:37:41 GMT

GET
H/1.1 200
OK icon-acessibility.svg
emprestimosim.com.br/assets/images/ 515 B
941 B 137ms
95ms Image
image/svg+xml 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/icon-acessibility.svg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0e99da59f51e650fbb1b6df59cc436aedfa1b47822eb32265c7e292782cd9c69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: faBe4LaJcFZG8JJQ7dMXUQ==
ETag: "0x8D9C08BFDD89974"
Content-Type: image/svg+xml
x-ms-request-id: d3c98ca6-e01e-00da-4175-f2a246000000
Cache-Control: max-age=456
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 515

GET
H/1.1 200
OK a-plus-icon.svg
emprestimosim.com.br/assets/images/ 799 B
1 KB 233ms
95ms Image
image/svg+xml 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/a-plus-icon.svg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 29d9a71189f653fe1537774392e7f3bd33fb545806d8becb1bb946e3a6bf046d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: NcM7Z34HC5T35BXhJ4u+6A==
ETag: "0x8D9C08BFDC6FA0B"
Content-Type: image/svg+xml
x-ms-request-id: d3c8c3ab-e01e-00da-4875-f2a246000000
Cache-Control: max-age=378
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 799

GET
H/1.1 200
OK a-minus-icon.svg
emprestimosim.com.br/assets/images/ 662 B
1 KB 147ms
94ms Image
image/svg+xml 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/a-minus-icon.svg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 028cfffbb95e5cf5b22d69c67eded5c775aa0d6f6ffb7f574793fa57d17099f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: HryWl9gS3X6l6zvx93k8lQ==
ETag: "0x8D9C08BFD5B1CED"
Content-Type: image/svg+xml
x-ms-request-id: c5c2e7c2-101e-0048-6476-f22690000000
Cache-Control: max-age=78
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 662

GET
H/1.1 200
OK icon-contraste.svg
emprestimosim.com.br/assets/images/ 865 B
1 KB 243ms
98ms Image
image/svg+xml 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/icon-contraste.svg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 06ea6bd5f25988532f34714dd3d9eaf8624eef5ccb866c9cd94eedc2e5dca957

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 7Duu35HmHUcf1C7zFEyxlQ==
ETag: "0x8D9C08BFE75AF83"
Content-Type: image/svg+xml
x-ms-request-id: 4186661f-901e-009d-2d75-f2c91d000000
Cache-Control: max-age=480
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 865

GET
H/1.1 200
OK logo-color.svg
emprestimosim.com.br/assets/images/ 3 KB
3 KB 134ms
96ms Image
image/svg+xml 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo-color.svg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 020d991f34b25255c5d3b70e6936745189ff0b2dbb2409382a50af9d1bdf5502

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: tE6DLN3mf94uEqDR+PtSHw==
ETag: "0x8D9C08BFE888611"
Content-Type: image/svg+xml
x-ms-request-id: c5c1a94f-101e-0048-0375-f22690000000
Cache-Control: max-age=404
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2644

GET
H/1.1 200
OK icon-login.png
emprestimosim.com.br/assets/images/ 670 B
1 KB 232ms
97ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/icon-login.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 005f6a0d314f06868f82daa1e0f8e6b94321af2a4cd410bc4a96ab879a1bdb31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: NejRQlC/N62Kx9oy2gqbKA==
ETag: "0x8D9C08BFDE47305"
Content-Type: image/png
x-ms-request-id: c5c15733-101e-0048-6c75-f22690000000
Cache-Control: max-age=555
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 670

GET
H/1.1 200
OK hero-2.webp
emprestimosim.com.br/assets/images/home/desktop/ 62 KB
62 KB 183ms
183ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/desktop/hero-2.webp
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5e70a7ded6c462f26c094a0ce5686085ba28617fc4721bbbc2670990cf763742

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:04 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: avEuQ7wbqi1z/7a2vHHX3Q==
ETag: "0x8D9C08C044E1AED"
Content-Type: application/octet-stream
x-ms-request-id: c5c06d41-101e-0048-0a75-f22690000000
Cache-Control: max-age=266
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63016

GET
H/1.1 200
OK hero-3.webp
emprestimosim.com.br/assets/images/home/desktop/ 62 KB
62 KB 98ms
98ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/desktop/hero-3.webp
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8dfc2405e5d08ab9ab252a66c10e32d7ea6f7bafb87e55bd454bd9a34cd9abd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:04 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: E1m67x+wH9fhEoUnfsxU1A==
ETag: "0x8D9C08C03E71A52"
Content-Type: application/octet-stream
x-ms-request-id: 418735a7-901e-009d-7e75-f2c91d000000
Cache-Control: max-age=564
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63266

GET
H/1.1 200
OK hero-m-2.webp
emprestimosim.com.br/assets/images/home/mobile/ 39 KB
40 KB 95ms
95ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/mobile/hero-m-2.webp
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d736f50ef6d4795b13498d6d34c65f2d1b5ff499acc7a8495ea14952d6d6e2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Xmb7d1HqTZOcUEEi1secwA==
ETag: "0x8D9C08C03B40ED7"
Content-Type: application/octet-stream
x-ms-request-id: 54616f83-901e-0046-1175-f20f20000000
Cache-Control: max-age=352
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40394

GET
H/1.1 200
OK hero-3-mobile@2x.webp
emprestimosim.com.br/assets/images/home/mobile/ 40 KB
41 KB 100ms
99ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/mobile/hero-3-mobile@2x.webp
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c73a69f2dfe8ee35952f59dad1a17b01b3dad0cc5a3894a82bb4d6910385afa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: N/75ixk4/i5slhG7A6Ct8w==
ETag: "0x8D9C08C03B6F1AA"
Content-Type: application/octet-stream
x-ms-request-id: c5c0db0f-101e-0048-7375-f22690000000
Cache-Control: max-age=322
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41286

GET
H/1.1 200
OK money.png
emprestimosim.com.br/assets/images/home/cards/ 600 B
1022 B 191ms
96ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/cards/money.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 487fbd1d8ca8cf2e53e83886159aab9f6c254c56398c19bd122c36de31fb7692

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 48/NwRMuVFuxKIdr8b0hpg==
ETag: "0x8D9C08C0388E985"
Content-Type: image/png
x-ms-request-id: 41874d29-901e-009d-1975-f2c91d000000
Cache-Control: max-age=207
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 600

GET
H/1.1 200
OK carr.png
emprestimosim.com.br/assets/images/home/cards/ 730 B
1 KB 188ms
95ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/cards/carr.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5d9ffc968bbb93021c830faa409c2e74f8c9dc38553aa1d050b1dd577302df2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: aHLqDYXycrE3spmQrjy/uA==
ETag: "0x8D9C08C0399C676"
Content-Type: image/png
x-ms-request-id: d3c8976b-e01e-00da-2375-f2a246000000
Cache-Control: max-age=250
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 730

GET
H/1.1 200
OK icone-prestamista.png
emprestimosim.com.br/assets/images/home/cards/ 635 B
1 KB 187ms
95ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/cards/icone-prestamista.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6ad675bbd60efef34b982f0415da711f4d5762b907e837c7db65c9797ff80cbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9Kf3St3b3I8hbnupyhbLPQ==
ETag: "0x8D9C08C0380678E"
Content-Type: image/png
x-ms-request-id: 41854574-901e-009d-7475-f2c91d000000
Cache-Control: max-age=297
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 635

GET
H/1.1 200
OK logo-olhar-digital.png
emprestimosim.com.br/assets/images/logo/ 4 KB
5 KB 96ms
96ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo/logo-olhar-digital.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f619b5799e1a6dad1c8bfd400e565bd247d55283899b596f229eb9f627446375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:02 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ILiZH5XngdBW4TX1ABRPLA==
ETag: "0x8D9C08C03160F5D"
Content-Type: image/png
x-ms-request-id: 41876a18-901e-009d-4875-f2c91d000000
Cache-Control: max-age=591
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4518

GET
H/1.1 200
OK logo-estadao.png
emprestimosim.com.br/assets/images/logo/ 4 KB
4 KB 96ms
96ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo/logo-estadao.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 01051be053fcedd16a6ab6e7acc66608d4fbfb681cce4bea94acdd437d394df1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:02 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zOKW5YoX4QSeblrJt7KysQ==
ETag: "0x8D9C08C031EB830"
Content-Type: image/png
x-ms-request-id: 4185926a-901e-009d-7075-f2c91d000000
Cache-Control: max-age=329
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3618

GET
H/1.1 200
OK logo-veja.png
emprestimosim.com.br/assets/images/logo/ 2 KB
3 KB 95ms
95ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo/logo-veja.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: be005ce7104312aeda33300b76a1baded55fd069dc721cfb210629f5214b3b80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:02 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: q31tF6NOmEOLJjF1jKeKyg==
ETag: "0x8D9C08C03132C63"
Content-Type: image/png
x-ms-request-id: 418500fd-901e-009d-4774-f2c91d000000
Cache-Control: max-age=407
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2280

GET
H/1.1 200
OK infomoney-logo.png
emprestimosim.com.br/assets/images/logo/ 2 KB
2 KB 99ms
99ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo/infomoney-logo.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1324fd77be8e7aff037ca9c9c92a7860070d3a2e87e331f4c71703db9704494b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 2vgYOlkztiSolm6fzAoWEA==
ETag: "0x8D9C08C03388BC6"
Content-Type: image/png
x-ms-request-id: c5c27f0a-101e-0048-6c75-f22690000000
Cache-Control: max-age=149
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1593

GET
H/1.1 200
OK fdr.png
emprestimosim.com.br/assets/images/logo/ 2 KB
3 KB 102ms
102ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo/fdr.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 86ca0956287bf33bf7c403d72fe2fade985d7af3ac007aa32fd93c2a175f666e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:02 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: s1NmShz75wo2V4DNuu6Dcw==
ETag: "0x8D9C08C0310229C"
Content-Type: image/png
x-ms-request-id: c5c29ccf-101e-0048-7975-f22690000000
Cache-Control: max-age=125
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2354

GET
H/1.1 200
OK exame-logo.png
emprestimosim.com.br/assets/images/logo/ 2 KB
2 KB 98ms
98ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo/exame-logo.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6b7fe2019fa4dfc6f49c95484cb7a05501450530c897c26daee45487dfc29b5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: q7DCiWaXqwoZcmelp3i9MA==
ETag: "0x8D9C08C0335CFBC"
Content-Type: image/png
x-ms-request-id: 418537ac-901e-009d-0d75-f2c91d000000
Cache-Control: max-age=291
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1926

GET
H/1.1 200
OK post-1.jpg
emprestimosim.com.br/assets/images/ 70 KB
71 KB 105ms
105ms Image
image/jpeg 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/post-1.jpg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c1a32518942e5015bb0279d3209c80ad61931d97006692b0ef641ea8eda9a287

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: aQNSAaFUtZsZAL/8qR4AXw==
ETag: "0x8D9C08BFF27BCA6"
Content-Type: image/jpeg
x-ms-request-id: c5c0e7c8-101e-0048-6375-f22690000000
Cache-Control: max-age=449
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71895

GET
H/1.1 200
OK post-2.jpg
emprestimosim.com.br/assets/images/ 48 KB
48 KB 104ms
104ms Image
image/jpeg 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/post-2.jpg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7d6ec6a8be6a79f0e64f1d7dde87952afa9276af02dd779deb498e665cb9799

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: le/6yseVECJ/uQCbOLGYNQ==
ETag: "0x8D9C08BFDAF46EA"
Content-Type: image/jpeg
x-ms-request-id: 418603c5-901e-009d-4a75-f2c91d000000
Cache-Control: max-age=327
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48930

GET
H/1.1 200
OK post-3.webp
emprestimosim.com.br/assets/images/ 29 KB
30 KB 101ms
101ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/post-3.webp
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 32850ce957f8bf73923468dfed25d6f1c06e5ac02b7ce47c26084b2e2f697531

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: loLPzWMtIpeCOroUS/n3SA==
ETag: "0x8D9C08BFE0CB556"
Content-Type: application/octet-stream
x-ms-request-id: 4186286f-901e-009d-3f75-f2c91d000000
Cache-Control: max-age=403
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29880

GET
H/1.1 200
OK post-3.png
emprestimosim.com.br/assets/images/ 143 KB
144 KB 100ms
99ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/post-3.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 306f42a79bc1bc9d391a0409d8d2944c9e35bbe799350a7702be83a59c3455b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: dxoZY6oVO0Lpjmkkh7TjNw==
ETag: "0x8D9C08BFFFF4FFC"
Content-Type: image/png
x-ms-request-id: 4186b079-901e-009d-0d75-f2c91d000000
Cache-Control: max-age=452
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146882

GET
H/1.1 200
OK facebook-icon.png
emprestimosim.com.br/assets/images/ 185 B
607 B 98ms
98ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/facebook-icon.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b136dbfa78fbdc0b437f77bdcad9c5d61430e854cf81d0e9e05519dd34cc9813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: U5H9vH2sTPK/lY5nmgdueQ==
ETag: "0x8D9C08BFFB96DBD"
Content-Type: image/png
x-ms-request-id: 41880099-901e-009d-5876-f2c91d000000
Cache-Control: max-age=335
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 185

GET
H/1.1 200
OK linkedin-icon.png
emprestimosim.com.br/assets/images/ 222 B
644 B 95ms
95ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/linkedin-icon.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 31da01b4b96d1236e4e31701fd387c77d157c93890b1ed02daa10648a666e7a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Fog3kPVtiCoHUze7LE0v6w==
ETag: "0x8D9C08BFE2D85F1"
Content-Type: image/png
x-ms-request-id: 41864255-901e-009d-0275-f2c91d000000
Cache-Control: max-age=377
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 222

GET
H/1.1 200
OK youtube-icon.png
emprestimosim.com.br/assets/images/ 279 B
701 B 95ms
95ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/youtube-icon.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2b228086efc2c1c401b4fdaef2178d6e979ff4836b50f354fdc6c3a03d17ec28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: +PxMoRnm5kHyPzpT0RMeeA==
ETag: "0x8D9C08BFDC9DCFE"
Content-Type: image/png
x-ms-request-id: d3cad22f-e01e-00da-0376-f2a246000000
Cache-Control: max-age=188
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279

GET
H/1.1 200
OK instagran-icon.png
emprestimosim.com.br/assets/images/ 357 B
779 B 117ms
116ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/instagran-icon.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c4ca5453e4e7057f6886a9abed8475282bebe77e3d557caae6e3c5b602f046a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: +MGO6ZgrdvtY0AO7M/EOIA==
ETag: "0x8D9C08BFEE3FAE7"
Content-Type: image/png
x-ms-request-id: d3cad217-e01e-00da-6b76-f2a246000000
Cache-Control: max-age=108
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 357

GET
H/1.1 200
OK logo-sim-rodape.png
emprestimosim.com.br/assets/images/ 803 B
1 KB 94ms
94ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo-sim-rodape.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 70d3488c2f6aa74fae0bead6cba1dd40a175b1de0c60ca33709a9cf692c5f1f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: X3uNRJV0HxSvzl1ffDYsMQ==
ETag: "0x8D9C08BFEB0C866"
Content-Type: image/png
x-ms-request-id: c5c1250e-101e-0048-0c75-f22690000000
Cache-Control: max-age=424
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 803

GET
H/1.1 200
OK icon-whats-app-footer.png
emprestimosim.com.br/assets/images/ 1 KB
1 KB 98ms
98ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/icon-whats-app-footer.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6fe7efed9a4312e1ab71d3610d45a086e045ffa27aa7794581ffdaa22fe557a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: aNTtt50wHtD4thc+3KX6Qg==
ETag: "0x8D9C08BFD6C95A7"
Content-Type: image/png
x-ms-request-id: 41864eab-901e-009d-4175-f2c91d000000
Cache-Control: max-age=246
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1088

GET
H/1.1 200
OK icon-sac.png
emprestimosim.com.br/assets/images/ 734 B
1 KB 103ms
103ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/icon-sac.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c1bf4b3e0d3235bfb1498486e6902c33f46638801c3e951eb7a41964da25175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Lm0AV7ZKSCj7WYA8FBBC0g==
ETag: "0x8D9C08BFFBC02E7"
Content-Type: image/png
x-ms-request-id: d3cb95f7-e01e-00da-0d76-f2a246000000
Cache-Control: max-age=300
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 734

GET
H/1.1 200
OK icon-ouvidoria.png
emprestimosim.com.br/assets/images/ 459 B
881 B 103ms
102ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/icon-ouvidoria.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 18db69f82e97b7e73d6408effc8ff565de7bed09a33e404843c285ceddb98169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: bBBlaoWqCDGmny7ZLZn9fg==
ETag: "0x8D9C08BFD3E1899"
Content-Type: image/png
x-ms-request-id: 41867225-901e-009d-4475-f2c91d000000
Cache-Control: max-age=520
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 459

GET
H/1.1 200
OK logo-grupo.png
emprestimosim.com.br/assets/images/ 3 KB
3 KB 102ms
101ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/logo-grupo.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1d121dba61f66283c750f65d6d81811a4de81e934c2b88af484e20ea0b47d0ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: jg2phPyq9G3DMovh+tpfow==
ETag: "0x8D9C08BFDF7E529"
Content-Type: image/png
x-ms-request-id: 41877bdd-901e-009d-3675-f2c91d000000
Cache-Control: max-age=82
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2562

GET
H/1.1 200
OK icon-site-seguro.png
emprestimosim.com.br/assets/images/ 1 KB
2 KB 99ms
98ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/icon-site-seguro.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b5040fe6d40543776d53964540a5ae4b627fedae92c6b33cd2eb37bbd17e00ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: JnVG4EC+rz+mUehOXAqvog==
ETag: "0x8D9C08BFEC93DF7"
Content-Type: image/png
x-ms-request-id: c5c2ce66-101e-0048-4f76-f22690000000
Cache-Control: max-age=169
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1270

GET
H/1.1 200
OK jquery.min.js Show response
emprestimosim.com.br/assets/plugin/jquery/ 87 KB
31 KB 96ms
96ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/plugin/jquery/jquery.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: fBSng9/rPSOMzT7dhA2C7g==
ETag: "0x8D9C08C086D31E0"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 418568e6-901e-009d-3e75-f2c91d000000
Cache-Control: max-age=180
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30943

GET
H/1.1 200
OK jquery.mask.min.js Show response
emprestimosim.com.br/assets/plugin/jquery/ 8 KB
4 KB 96ms
95ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/plugin/jquery/jquery.mask.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 963175c7145b4c3511190ca12eaee50d09360dc66992c04d9ea066658570ee1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: EVos6163gOoEGVN2yr7LXg==
ETag: "0x8D9C08C086A2810"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 54616c8b-901e-0046-6775-f20f20000000
Cache-Control: max-age=151
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3394

GET
H/1.1 200
OK swiper.min.js Show response
emprestimosim.com.br/assets/plugin/swiper/ 135 KB
35 KB 187ms
185ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/plugin/swiper/swiper.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 883b61a0129a1c642102f5710a0366aedd0492e9e07b42e9d3f3c1136fc5ecf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: dFQv0QcVY3dkWfVb+/GXIw==
ETag: "0x8D9C08C08734598"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 4186ff76-901e-009d-1175-f2c91d000000
Cache-Control: max-age=563
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35084

GET
H/1.1 200
OK modernizr-custom.js Show response
emprestimosim.com.br/assets/vendor/modernizr/ 3 KB
2 KB 373ms
93ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/vendor/modernizr/modernizr-custom.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c0fc46e9c98ea5580cc72895140b9df71a21956c6420cfbd21d30a8d99cb175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: NTMERj1KWcaD9vSwFEwGKg==
ETag: "0x8D9C08C08315692"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: d3c8ac7e-e01e-00da-1375-f2a246000000
Cache-Control: max-age=387
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1523

GET
H/1.1 200
OK aos.js Show response
emprestimosim.com.br/assets/vendor/aos/ 14 KB
5 KB 380ms
95ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/vendor/aos/aos.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 03GONO6wNVvo4xeaLivMtw==
ETag: "0x8D9C08C08371C6E"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: d3cb3ebc-e01e-00da-5876-f2a246000000
Cache-Control: max-age=58
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4699

GET
H/1.1 200
OK jquery.fancybox.min.js Show response
emprestimosim.com.br/assets/vendor/jquery.fancy/ 67 KB
22 KB 101ms
100ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/vendor/jquery.fancy/jquery.fancybox.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Saa00BmpNLz4Pww5frqC2A==
ETag: "0x8D9C08C0808C675"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 41866549-901e-009d-7075-f2c91d000000
Cache-Control: max-age=195
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22012

GET
H/1.1 200
OK cpf.min.js Show response
emprestimosim.com.br/assets/js/ 2 KB
1 KB 101ms
100ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/cpf.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 99b967491599021c6cc0ea663b6625f793e8904aad07726369e7606914b949d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: AeOqz4d/Ors7A1dLuG9K/g==
ETag: "0x8D9C08C088D192D"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 546198e8-901e-0046-0675-f20f20000000
Cache-Control: max-age=281
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 778

GET
H/1.1 200
OK app.js Show response
emprestimosim.com.br/assets/js/ 608 B
730 B 96ms
96ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/app.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e738597d37abf0cfe4244ce0580b43a9ba2132810438299c2d8e9201d6aa161c

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:11 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9LnZYTxiBXXYSi2qcAqm4g==
ETag: "0x8D9C08C0878E493"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 5460e7b2-901e-0046-6c75-f20f20000000
Cache-Control: max-age=145
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 248

GET
H/1.1 200
OK main.min.js Show response
emprestimosim.com.br/assets/js/ 2 KB
921 B 101ms
100ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/main.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f4f71525283fe2a27ceee023b03774b9d99501435bcecbf65459803156e7f557

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: fesPoRK6SuL8/f/kj5oPkw==
ETag: "0x8D9C08C08844969"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 41865a98-901e-009d-5375-f2c91d000000
Cache-Control: max-age=360
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 439

GET
H2 200 base64.min.js Show response
cdn.jsdelivr.net/npm/js-base64@3.6.1/ 4 KB
3 KB 73ms
32ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-base64@3.6.1/base64.min.js

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76b37dc6098460c2a53be5b75b49a65b3c26fe96430d900ecc4c5a2da022064a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4470595
x-jsd-version: 3.6.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19136-FRA, cache-mxp6976-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1190-v5Y1y0OanevFF99UB3l5AIhqDmo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6be8a6b339f083be-MXP

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
85 KB 71ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cff4c9a7cfb81ada40cab74cc0af1ada391fb13300b7cc782c2fa0cc2150a607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86110
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 14:37:42 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78a4affa9e84f4e8c47b0f36d693be58b9b3ae8fa915658bc1a5f22b8a0779a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 957b7ec761af8562d4f804961544adb70b58962d66bcb7b44faf67f94b1e0767

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/973e2e/00000000000000003b9b18c4/27/ 32 KB
33 KB 57ms
25ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/973e2e/00000000000000003b9b18c4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 28f797f5a9ae23852225ec2100e27e4a8df49ec18e9998c5f3d1d8b793c7cb16

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
server: nginx
etag: "60ccfc8d6f6497331ad99cf12b375f274289706e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33160

GET
H2 200 l
use.typekit.net/af/f06b5c/00000000000000003b9b18c0/27/ 33 KB
33 KB 52ms
20ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f06b5c/00000000000000003b9b18c0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8412ebbbd663c6edcfdbb56534eb91b525d21761bb1a1d4332e5fc59d3df78aa

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
server: nginx
etag: "ed725acb4799b048c49274fadcbcb327f41e37b7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33416

GET
H2 200 l
use.typekit.net/af/dc9a99/00000000000000003b9b18c5/27/ 24 KB
24 KB 45ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dc9a99/00000000000000003b9b18c5/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bf94c909adf6a828a90f52019d2084d0bea370640406f9536e107ac09ce2caf4

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
server: nginx
etag: "205184036cd705ba5a477b93df73ff52f067bb66"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24540

GET
H2 200 l
use.typekit.net/af/8c228a/00000000000000003b9b18c2/27/ 23 KB
23 KB 66ms
35ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8c228a/00000000000000003b9b18c2/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ad64b7257343823e34f07ccba543c9fd46b9de103d9de40189ff2ab67c6ada29

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
server: nginx
etag: "00974da915071d05b26f3b351f262a6a2f8c895e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23792

GET
DATA 200
OK truncated
/ 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71ebd5114ebf1a3b32c0eaebce288307488224ec79f3f8a8ceeee8876d0af59d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK play-icon.png
emprestimosim.com.br/assets/images/ 1 KB
2 KB 96ms
96ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/play-icon.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3330c8a22c1f813b5b0e27fb8f66d3b712635344b270f3ef84690f7066ffdcdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: IT9KJFflxLyWEAat4O+CDQ==
ETag: "0x8D9C08BFFA08392"
Content-Type: image/png
x-ms-request-id: d3c8d178-e01e-00da-3c75-f2a246000000
Cache-Control: max-age=413
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1160

GET
DATA 200
OK truncated
/ 628 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a5c1251e7077f92a2113be5b8474f21cd1e05093a3104c7f2436aeedb19256

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK arrow-top.png
emprestimosim.com.br/assets/images/ 4 KB
5 KB 276ms
95ms Image
image/png 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/arrow-top.png
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a2baa7178afbf3ed69bb633c8faf3413fb5a641559f7ca9e4baff9e85d0b9322

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ru2NAdgZLo25PV6ZUe9G7w==
ETag: "0x8D9C08BFD557DEC"
Content-Type: image/png
x-ms-request-id: c5c0dac0-101e-0048-2e75-f22690000000
Cache-Control: max-age=43
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4035

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 l
use.typekit.net/af/f341ab/00000000000000003b9b17f3/27/ 23 KB
24 KB 15ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f341ab/00000000000000003b9b17f3/27/l?subset_id=2&fvd=n8&v=3
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6faf85a32370b0f1bdb03fe27e70c2afcafe3d28d6ecd7427d82abe90739f88f

Request headers

Referer: https://emprestimosim.com.br/
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
server: nginx
etag: "a06540497c87f3b94982941a117a162f547d197a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23928

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: WlCfXFFLmHb9WTCSZg1eJA32PhCJOlstucV0953YK2N8/GjZVQw91KQGvrT7u/QboKje13r3fzLHcNLlB8njuA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Dec 2021 14:37:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5796
date: Thu, 16 Dec 2021 13:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 15:01:06 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1297567/ 75 KB
25 KB 24ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1297567/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c634169ddec0a7d173c26eae773a6e9287107b5636292eaa9e95d28e6a5e62d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: GsYSsmNXwNBGde2.QcIZqHuUa4wjXQ91
content-encoding: gzip
etag: "434ccf287621b08d77b81ae4e5aef272"
age: 655
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 24964
x-amz-id-2: QbNan6d/B0j3K7ms/N6NpATUGNypg0eBg2JXXxFMz2MjKVjwtTFJeXcMWSf/qRvC6jmNykmC3hE=
x-served-by: cache-hhn4030-HHN
last-modified: Mon, 13 Dec 2021 13:05:14 GMT
server: AmazonS3
x-timer: S1639665462.443356,VS0,VE1
date: Thu, 16 Dec 2021 14:37:42 GMT
vary: Accept-Encoding
x-amz-request-id: EW20D6KMT3JNGC8V
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 68
x-cache-hits: 1

GET
H3

200

activityi;dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimos... Show response
9568187.fls.doubleclick.net/ Frame C9A4
Redirect Chain

https://9568187.fls.doubleclick.net/activityi;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestim...
https://9568187.fls.doubleclick.net/activityi;dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;...

425 B
361 B

139ms
124ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9568187.fls.doubleclick.net/activityi;dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

75818feb9ac09f9b8233998bec39da72278587000fe97db712c04a99d79c9654

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Dec 2021 14:37:42 GMT
expires: Thu, 16 Dec 2021 14:37:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 336
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Dec 2021 14:37:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9568187.fls.doubleclick.net/activityi;dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
smct.co/tm/ 59 B
311 B 143ms
45ms Script
application/javascript 52.48.136.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smct.co/tm/?t=emprestimosim.com.br
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.136.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-136-232.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9be1dca15c6fb5b4a1fc6e813aebae4b7c2d68eb81cc6a9cb21952def0e066e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: cache
Date: Thu, 16 Dec 2021 14:37:42 GMT
Server: Apache
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=900
Connection: keep-alive
Content-Length: 59
Expires: Thu, 16 Dec 2021 14:52:42 GMT

GET
H2 200 hotjar-1523076.js Show response
static.hotjar.com/c/ 4 KB
2 KB 55ms
38ms Script
application/javascript 13.32.22.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1523076.js?sv=6

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-92.fra56.r.cloudfront.net

Software

Resource Hash

37408e9d210662601814265ec09573aa9ec177428be2fb402bbc6700091dfa7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-C2
etag: W/2754555825d683dd1afc27467dcb5df2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1909
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-id: j0VXQVe6FaO14OFOAvZm1MGlC7HiIRUDPyH48nFYIOXYS9JsfzlKwQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 54ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 203129D5BD554029AA5242BA19642FC7 Ref B: FRAEDGE1415 Ref C: 2021-12-16T14:37:42Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 56ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 08:29:00 GMT
server: nginx
etag: W/"615c0ccc-a373"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Dec 2021 14:37:42 GMT

GET
H2 200 all.min.js Show response
plugins.soclminer.com.br/v3/sdk/ 129 KB
34 KB 89ms
30ms Script
application/javascript 2606:4700:20::681a:d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac874abebe7e308db06ea6d95939d88db1a71a0a19f9be1bf73fe824925e466

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10496
x-amz-request-id: 0J1HAS844XVJJPK4
x-amz-id-2: brEX0nb9vxDC6pQxZV630B7G1Kw489aNrnAeBvSjqolqYtAFddQGvYW8Lax1LykbRJ7r8MxLMcs=
last-modified: Wed, 01 Dec 2021 23:19:59 GMT
server: cloudflare
etag: W/"6231661cba71e01d4082472a458171a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH85kNigCu6QakgTuECD9JEalviVe6gCu66v8UXuXzVaOhRD6UdqqnL8BlQiLWfD00oZQ8lhQQqk6y%2Fu36KKEzcYLHxQNrDfwa7asg8WNBZ89TVRMUJQpxYzyJaEIj8LA8WI2WDaHt2Q9CqBPzyVrRpGlDXBMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 6be8a6b4a8ce83af-MXP

GET
H/1.1 200
OK dataroyal_tag.js Show response
advcake.dataroyal.com.br/scripts/ 13 KB
4 KB 886ms
221ms Script
application/javascript 177.54.158.78
Maxihost LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 177.54.158.78 Jaboatao dos Guararapes, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: game.strongerhosting.com.br
Software: nginx /
Resource Hash: 4b6f82250c1c112b470293e7f7a2f4b8211ab930bfeaf34f41395d5f0ec5176c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Content-Encoding: gzip
Last-Modified: Thursday, 16-Dec-2021 14:37:43 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8, application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 20 KB
7 KB 117ms
95ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-14643-9/CT-1829
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6bb7382e03f8ab0dc4a5caf5063c2386d8dbd4269fc75ec1f45dc6295f6fb34c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdudT3razVB7B0JZCm-_747Ao0DyzcNlikkIjfsHfRroS6BS_YcoYaAxjNpYYeExfBzMrjnuldjnTxNrv5BY5kE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6984
last-modified: Fri, 12 Nov 2021 20:44:40 GMT
server: nginx/1.8.1
etag: "1d37e2546d298daf4e6c2325d1735e09"
vary: Accept-Encoding
x-goog-hash: md5=HTfiVG0pja9ObCMl0XNeCQ==
x-goog-generation: 1636749880208591
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 6984
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 16 Dec 2021 16:37:42 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 118 KB
35 KB 282ms
222ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3OT6US5HQ61EDM143T0&lib=ttq
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7834930d02299cc017b7ba4ee8e823d43c86515b46a6ce4c967b982c3f8cba14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 128a9bfd.1ab357a7
date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-222-79-47.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1639665462576514
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 156,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=191, origin; dur=5, inner; dur=1
content-length: 35353
pragma: no-cache
server: nginx
x-tt-logid: 202112161437420101130060712428958A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.222.79.47
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761f2f322ea44ee52c1a7b98c6c2681fe98501f08be6b7e2331409570e8accd05376f525b884328347a6b9647e97192aa79607bf88a3446b36e134bcfb9a0c8127e1f1a68cd16fc9871f21e01b63658fdc8fa97714cae305d3e4562b2affbed2defe
expires: Thu, 16 Dec 2021 14:37:42 GMT

GET
H2 200 activityi;register_conversion=1;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F
9568187.fls.doubleclick.net/ 0
0 57ms
15ms Image
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9568187.fls.doubleclick.net/activityi;register_conversion=1;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F?
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
716 B 101ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10154718&gtmcb=1086776965

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 16 Dec 2021 14:37:42 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: QM153tQjiHr4O2SNfqV9kNdVDR0CYt5SWTFXgcJ0bISPLWdTSpu/xhMgWxIgwA4U325TzPkqZzYV3swirxQsKQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 16 Dec 2021 14:37:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 410615119637636 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410615119637636?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e1f87a0a9e879ebb1ecbd4289959da98fe431b56aec57a127764544aa789fa1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: z7RWEok5yg71lSu/x3FK0qwnffaNmLCjKfg8Hzk6HGlbZvNTsrl3Ed7Y8ghgYCKYOWMj4rhdowB0NKMlyVj3Jw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Dec 2021 14:37:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1297567/trc/3/ 2 KB
1 KB 29ms
26ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1297567/trc/3/json?tim=1639665462470&data=%7B%22id%22%3A751%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1639665462465%2C%22cv%22%3A%2220211213-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Femprestimosim.com.br%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Demprestimosim-br-video%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1639665462469%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Femprestimosim.com.br%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A24%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1297567/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d9a2f001a591c56ecd539d99bbc567cabde920e0c0ceb4cc42ca8f6249d5dcd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
server: nginx
x-timer: S1639665463.504473,VS0,VE20
x-served-by: cache-hhn4030-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 95 KB
37 KB 38ms
19ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-5MGPS2G&t=gtm93&cid=210996865.1639665462

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e90615c3c06319f4622408a45b372f057c11e5ff2e27add16604dde77318c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37983
x-xss-protection: 0
expires: Thu, 16 Dec 2021 14:37:42 GMT

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ 227 KB
60 KB 28ms
9ms Script
application/javascript 13.32.22.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1523076.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-49.fra56.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 687696
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FvQ3cPYg1NRJOCPcCZxb9eP1l41bHj-uX4wva5EsYSSrhe_gRU15VQ==

GET
H2 200 17215600.js Show response
bat.bing.com/p/action/ 690 B
761 B 153ms
152ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17215600.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cc293282b495a12623e29b2e8c3956de3b29f119f3fc98e05db7fbeeb2a92521

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 21B9A13281B842358D046528D22E52BE Ref B: FRAEDGE1415 Ref C: 2021-12-16T14:37:42Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 589

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C6F6 11 KB
5 KB 47ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=emprestimosim.com.br&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1937
date: Thu, 16 Dec 2021 14:37:41 GMT
content-length: 4683
strict-transport-security: max-age=86400; preload;

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410615119637636&ev=PageView&dl=https%3A%2F%2Femprestimosim.com.br%2F&rl=&if=false&ts=1639665462533&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.2.1639665462530.1130217378&it=1639665462463&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 16 Dec 2021 14:37:42 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410615119637636&ev=Virtual%20Page%20View&dl=https%3A%2F%2Femprestimosim.com.br%2F&rl=&if=false&ts=1639665462534&cd[page]=%2F&cd[domain]=emprestimosim.com.br&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=28&fbp=fb.2.1639665462530.1130217378&it=1639665462463&coo=false&tm=2&exp=p1&rqm=GET

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 14:37:42 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2038855879&t=pageview&_s=1&dl=https%3A%2F%2Femprestimosim.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=2037652850&gjid=920851043&cid=210996865.1639665462&tid=UA-145849331-2&_gid=286272452.1639665462&_r=1&gtm=2wgc10TF55M3S&cd3=GTM-TF55M3S%3A159&cd6=lista_vazia&cd8=home&cd10=generico&z=1616717568

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://emprestimosim.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://emprestimosim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 12ms
12ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1297567/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 1418
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: /QNK3PWCm0b5UK137rxUhtPkdAeMqVIowr91SLeY/wRT9D3O+mCa3kE3tOzi1ovsV4Jf+Oxr9RU=
x-served-by: cache-hhn4030-HHN
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1639665463.554833,VS0,VE0
date: Thu, 16 Dec 2021 14:37:42 GMT
vary: Accept-Encoding
x-amz-request-id: DM4KNHGQ201NE507
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 68
x-cache-hits: 1922

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-145849331-2&cid=210996865.1639665462&jid=2037652850&gjid=920851043&_gid=286272452.1639665462&_u=aGDAAEACQAAAAC~&z=364763828

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://emprestimosim.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 14:37:42 GMT
content-type: text/plain
access-control-allow-origin: https://emprestimosim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C6F6
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=emprestimosim.com.br&sn=ChromeSyncframe&so=0&topUrl=emprestimosim.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=ioEisXxtNGZCbDNWZ0pOTk5wSld2YjBsV1U1Qk5meEVkcy9uN1AvaU9DMEhENWdjNktNeXhRSzBGS3kvRnczZkUxTWx3VXNsRm5INEtweGpSaTBOQTd1MnFTSFRld3RpUkdiSkdRTlJvYkVkUkhXZmEyb2dZZzdOb1hETU...

457 B
647 B

58ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ioEisXxtNGZCbDNWZ0pOTk5wSld2YjBsV1U1Qk5meEVkcy9uN1AvaU9DMEhENWdjNktNeXhRSzBGS3kvRnczZkUxTWx3VXNsRm5INEtweGpSaTBOQTd1MnFTSFRld3RpUkdiSkdRTlJvYkVkUkhXZmEyb2dZZzdOb1hETUYvdkliWDhpcnJmaGJNaUNmdUttdE53V0hGdC93TWEyQ21vS2hKSlZtVEVET0w4MTJYRW9WUXBKOGNnTVcxVUx3cWs4clBJNUxRQzlEVjRZUE8ya0RjRDlzeWloSEVsVzNlY3g5Y3NEQVUvNjFUdGhOcmY2U3FpOUxwWFMrcW1OZ3F2M21RdjYwUlU1QS9Sa0N4NElFS0ZOSlVaTGRNSk9URDFjUnNqbTM1eUowcHFEaVY4UT18&cppv=2

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3ed9b7c3aaad2012fb70a207e14020afe2cca88b7249e99b3e3a1ece18eb8154

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5622
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
strict-transport-security: max-age=86400; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=ioEisXxtNGZCbDNWZ0pOTk5wSld2YjBsV1U1Qk5meEVkcy9uN1AvaU9DMEhENWdjNktNeXhRSzBGS3kvRnczZkUxTWx3VXNsRm5INEtweGpSaTBOQTd1MnFTSFRld3RpUkdiSkdRTlJvYkVkUkhXZmEyb2dZZzdOb1hETUYvdkliWDhpcnJmaGJNaUNmdUttdE53V0hGdC93TWEyQ21vS2hKSlZtVEVET0w4MTJYRW9WUXBKOGNnTVcxVUx3cWs4clBJNUxRQzlEVjRZUE8ya0RjRDlzeWloSEVsVzNlY3g5Y3NEQVUvNjFUdGhOcmY2U3FpOUxwWFMrcW1OZ3F2M21RdjYwUlU1QS9Sa0N4NElFS0ZOSlVaTGRNSk9URDFjUnNqbTM1eUowcHFEaVY4UT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2045
content-length: 567
expires: 0

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK bg-home-cards@2x.webp
emprestimosim.com.br/assets/images/home/desktop/ 9 KB
10 KB 98ms
96ms Image
application/octet-stream 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/desktop/bg-home-cards@2x.webp
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 757718d6ba1bd6bfa4d49c3ac57a3019e760eab6fd90282197ce1df5cf8c4806

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:05 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: NMlwjIx0I7pxthzIA+E0Gw==
ETag: "0x8D9C08C045BA04D"
Content-Type: application/octet-stream
x-ms-request-id: d3c779f6-e01e-00da-2f74-f2a246000000
Cache-Control: max-age=324
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9692

GET
H/1.1 200
OK poster-video.jpg
emprestimosim.com.br/assets/images/ 570 KB
570 KB 99ms
99ms Image
image/jpeg 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/poster-video.jpg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/assets/css/style.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 494a751d49a3f23fc14fa2d28533efaf80d62dec49cc0660245af016511efe7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:02:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 58ufNJOQWJZe4np6zS5dGQ==
ETag: "0x8D9C08BFD4CAE2F"
Content-Type: image/jpeg
x-ms-request-id: d3cbb254-e01e-00da-4876-f2a246000000
Cache-Control: max-age=425
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 583436

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 54ms
30ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-145849331-2&cid=210996865.1639665462&jid=2037652850&_u=aGDAAEACQAAAAC~&z=1121330883

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-145849331-2&cid=210996865.1639665462&jid=2037652850&_u=aGDAAEACQAAAAC~&z=1121330883

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK menu.js Show response
emprestimosim.com.br/assets/js/modules/ 851 B
986 B 119ms
95ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/menu.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 512b293a3ce0b2312aadde480a58225ae2d9f6c2e7ab2f7a319a250ccba968ce

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: j97eOdzygmVaVbfiU6cGzQ==
ETag: "0x8D9C08C08B14160"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: c5c0f1a4-101e-0048-6975-f22690000000
Cache-Control: max-age=111
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 315

GET
H/1.1 200
OK carousel.js Show response
emprestimosim.com.br/assets/js/modules/ 12 KB
2 KB 120ms
95ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/carousel.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 61e6c217cd1a260baa2044f80dcb9261df2a838fe2102837c2aa01cd9fb429bf

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 4xhJST8+Gp7NYExkJr/tjg==
ETag: "0x8D9C08C08A0B22E"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: c5c27dd1-101e-0048-4075-f22690000000
Cache-Control: max-age=105
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1063

GET
H/1.1 200
OK float-bot.js Show response
emprestimosim.com.br/assets/js/modules/ 249 B
834 B 201ms
96ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/float-bot.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dcdb44113ac0b14bb20311e388f09cb0f9dc918f68ca89aaaf094937ad074efe

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: EDUi2iUDLHZfHBMHyOAf6A==
ETag: "0x8D9C08C08B3D695"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: d3cb087b-e01e-00da-6a76-f2a246000000
Cache-Control: max-age=64
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164

GET
H/1.1 200
OK btn-scroll.js Show response
emprestimosim.com.br/assets/js/modules/ 1 KB
1013 B 220ms
100ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/btn-scroll.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8cad9bffb1fd1791e0a2642266408088ec12e5cc5fafc7af4a280bb249212960

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: c6j3awANDuoBfvYaSq6rmQ==
ETag: "0x8D9C08C08A39520"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 4185eb6a-901e-009d-3875-f2c91d000000
Cache-Control: max-age=414
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 342

GET
H/1.1 200
OK tab-nav.js Show response
emprestimosim.com.br/assets/js/modules/ 2 KB
1014 B 218ms
97ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/tab-nav.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 084119d0a46d77d508b5168077c5828cc262b59e95d6b701e9b97404aaa2e8fd

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: YS6THNtPEh+xpD2tMo06cQ==
ETag: "0x8D9C08C08ABC957"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 4186c085-901e-009d-4675-f2c91d000000
Cache-Control: max-age=496
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 343

GET
H/1.1 200
OK negociar.js Show response
emprestimosim.com.br/assets/js/modules/ 1 KB
881 B 227ms
96ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/negociar.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7be7fdc8e2a2c877680dee52f0608e07bbd0a15eb504801c73d3e176f6360d7b

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: vOrR9FxRdfFsAswlI7ADnQ==
ETag: "0x8D9C08C08A6513D"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 54619371-901e-0046-0a75-f20f20000000
Cache-Control: max-age=326
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 399

GET
H/1.1 200
OK on-topics.js Show response
emprestimosim.com.br/assets/js/modules/ 2 KB
994 B 239ms
96ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/on-topics.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 54243c64fd95ef59ed51f24e101aa27c0463d4938a6ff2e9c532c073bbd205d6

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Dy86B2gyJFAigsgyzim3kQ==
ETag: "0x8D9C08C089DCF3A"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 41866ecc-901e-009d-1a75-f2c91d000000
Cache-Control: max-age=332
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 323

GET
H/1.1 200
OK slider-passo-passo.js Show response
emprestimosim.com.br/assets/js/modules/ 291 B
834 B 296ms
95ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/slider-passo-passo.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 54e5b6884e279b2fd4d831ac8c420a1faa62568d8265b7f59d167adda73dec45

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Eiy1QKl/mR+JzbqvzpNL4g==
ETag: "0x8D9C08C08B6B97F"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 54605e34-901e-0046-6574-f20f20000000
Cache-Control: max-age=241
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 163

GET
H/1.1 200
OK acessibility.js Show response
emprestimosim.com.br/assets/js/modules/ 360 B
885 B 315ms
96ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/acessibility.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8846364f9e6fc56919f66481e74f2ca69747b0a567746f437e2049af6e40441d

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: YIdozSEdOCQxOeemvstfDw==
ETag: "0x8D9C08C08AE855F"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 418713de-901e-009d-6675-f2c91d000000
Cache-Control: max-age=74
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 215

GET
H/1.1 200
OK font.js Show response
emprestimosim.com.br/assets/js/modules/ 905 B
981 B 321ms
101ms Script
application/javascript 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimosim.com.br/assets/js/modules/font.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7b4c6ef0dcedf6c4f8a43a20fbde48e8ed3fcb3316aca8a1afb1d801619e7b31

Request headers

Referer: https://emprestimosim.com.br/assets/js/app.js
Origin: https://emprestimosim.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 12:03:12 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zB2xRFJSqgSSmk8SMYg37w==
ETag: "0x8D9C08C08A90D41"
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 4185687c-901e-009d-6075-f2c91d000000
Cache-Control: max-age=468
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 310

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.30/ 52 KB
23 KB 362ms
206ms Script
application/javascript 2620:1ec:27::cafe:1503
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.30/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17215600.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1503 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c763a7b86f4b8e21741d95bf307b2932555a20d4ad383adc764c99fdbb8e88d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: br
etag: "1d7f1f35ff56ab1"
last-modified: Wed, 15 Dec 2021 20:36:02 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0Nk+7YQAAAACfDp7yllSCRLMoeZueegFsQlVIMDFFREdFMDIwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 22777
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=0E5B70F2F1554793BD17A204F6E9C6AF&RedC=c.clarity.ms&MXFR=188FAB4EFD0E622C0498BA41F90E6CB2
https://c.clarity.ms/c.gif?CtsSyncId=0E5B70F2F1554793BD17A204F6E9C6AF&MUID=34D8ED5BA1306E3E37DDFC54A05B6F58

42 B
370 B

27ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=0E5B70F2F1554793BD17A204F6E9C6AF&MUID=34D8ED5BA1306E3E37DDFC54A05B6F58
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D4C98585D6C431E8965D51C8E854704 Ref B: FRAEDGE1415 Ref C: 2021-12-16T14:37:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=0E5B70F2F1554793BD17A204F6E9C6AF&MUID=34D8ED5BA1306E3E37DDFC54A05B6F58
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=*;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F
adservice.google.com/ddm/fls/z/ Frame C9A4 42 B
494 B 64ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=*;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F

Requested by

Host: 9568187.fls.doubleclick.net
URL: https://9568187.fls.doubleclick.net/activityi;dc_pre=CNT4xevF6PQCFcFEHQkd7IEAsw;src=9568187;type=sim;cat=simem0;ord=6177818261364;gtm=2wgc10;auiddc=2006821018.1639665462;u1=emprestimosim.com.br%2F;ps=1;~oref=https%3A%2F%2Femprestimosim.com.br%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9568187.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=67801&v=5.8.0&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%2...
https://widget.us.criteo.com/event?a=67801&v=5.8.0&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%2...

13 KB
14 KB

319ms
127ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=67801&v=5.8.0&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%255B68248%252C67801%255D&adce=1&bundle=wTucHl96NktSanMxM3dSSXRvWWJQMlZsQnFKSXNuYUN5V1FnVG80ayUyRmJQdURLSXk2dDRVUGo2Vmc4JTJGek1uUiUyRktuMUpBZzV4aENySnV2RHozdGI2N0JKZmZvcE0xOHFzZHhpUnVNamxvbklsdjhJeWFPS2dlYnd2UmVJV3p4VU9aM3ZRaFd3TWNJWGhZREtVUTVKYlVmVk0lMkZPWTg3TnRlRmU5RVM2Q3pOVmFOZVdVNCUzRA&tld=emprestimosim.com.br&dtycbr=58232
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 3187a1de8160d8d1d05c49b6034d8aa2fcff5592352acfa9f68b2d932615ace9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
content-type: application/x-javascript
server: Kestrel
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 34750133
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=67801&v=5.8.0&p0=e%3Dce%26m%3D%255B%252C79054025255fb1a26e4bc422aef54eb4%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvp%26p%3Dundefined&p4=e%3Ddis%26a%3D%255B68248%252C67801%255D&adce=1&bundle=wTucHl96NktSanMxM3dSSXRvWWJQMlZsQnFKSXNuYUN5V1FnVG80ayUyRmJQdURLSXk2dDRVUGo2Vmc4JTJGek1uUiUyRktuMUpBZzV4aENySnV2RHozdGI2N0JKZmZvcE0xOHFzZHhpUnVNamxvbklsdjhJeWFPS2dlYnd2UmVJV3p4VU9aM3ZRaFd3TWNJWGhZREtVUTVKYlVmVk0lMkZPWTg3TnRlRmU5RVM2Q3pOVmFOZVdVNCUzRA&tld=emprestimosim.com.br&dtycbr=58232
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6991334
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 204 0
bat.bing.com/action/ 0
137 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17215600&Ver=2&mid=8ddd9681-f144-4063-b938-ace894674dfc&sid=ba0e1de05e7d11ecbf267d8e5a433702&vid=ba0e46005e7d11ecb598615b1a99d30b&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&p=https%3A%2F%2Femprestimosim.com.br%2F&r=&evt=pageLoad&msclkid=N&sv=1&rn=647796
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3B965204AC84E12960CC2A986ECBEAB Ref B: FRAEDGE1415 Ref C: 2021-12-16T14:37:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 119 KB
40 KB 169ms
41ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6BBE) /
Resource Hash: f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: eo/NA/cIfC8rvfmGvcVN1w==
age: 1537
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.7.2.min.js
content-length: 40058
x-ms-lease-status: unlocked
last-modified: Wed, 08 Dec 2021 18:03:24 GMT
server: ECAcc (mil/6BBE)
x-ms-meta-aijssdkver: 2.7.2
etag: 0x8D9BA750718AE66
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3fb06277-b01e-0050-4b86-f22a25000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 16 Dec 2021 15:07:42 GMT

GET
H2 200 DFPAudiencePixel;ord=2905985343741.353;dc_seg=973566373
pubads.g.doubleclick.net/activity;dc_iu=/73314699/ 42 B
533 B 66ms
43ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/73314699/DFPAudiencePixel;ord=2905985343741.353;dc_seg=973566373?

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 blue-tag.min.js Show response
event.getblue.io/js/ 8 KB
3 KB 626ms
206ms Script
application/javascript 54.94.251.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/js/blue-tag.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF55M3S

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.251.185 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-251-185.sa-east-1.compute.amazonaws.com

Software

Resource Hash

41f40556d764448a5c8220598ddf5c7df825bced46014dbca751e80e3b3d429e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Dec 2021 14:12:17 GMT
etag: W/"7716-1639663937347"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 182ms
182ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3OT6US5HQ61EDM143T0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 2744d8a8.1ab35b18
date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-222-79-94.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1639665462911421
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 98,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=4, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2021121614374201011313523301D2DF3D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,23.222.79.94
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761f2f322ea44ee52c1a7b98c6c2681fe9853de51fafed2aae46e5d89fdf5cbb0025430a3ba64fd08a13f1371dfb08a81d435e7120d4ecf847f74d35e15114e57a43259fa685c2a60faba6a1c6f2e4793ad60bbd7592485d6ffd594c336cd79a564b
expires: Thu, 16 Dec 2021 14:37:42 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 710 B
1 KB 166ms
166ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3OT6US5HQ61EDM143T0&hostname=emprestimosim.com.br
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3OT6US5HQ61EDM143T0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 596802b0fafb866a1aadd3a0a97e7f097a5154727eecf295bafd16c5dd6ad0f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 124a15b2.1ab35b8b
date: Thu, 16 Dec 2021 14:37:42 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-222-79-109.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1639665462952602
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 91,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=3, inner; dur=1
content-length: 319
pragma: no-cache
server: nginx
x-tt-logid: 20211216143742010113135009272585B1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,23.222.79.109
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761f2f322ea44ee52c1a7b98c6c2681fe985bcd9d95b485952f381b976265cc9bd4b3c43cad130814b77a4aabf453019c5994f76e7db52a003aee987055f77674e2cb71afb83cb5d4a0956ffed9b6ae2805687f22ebde72b1ba6c21549b1050d299c
expires: Thu, 16 Dec 2021 14:37:42 GMT

GET
H/1.1 200
OK hero-3-mobile@2x.jpg
emprestimosim.com.br/assets/images/home/mobile/ 64 KB
64 KB 101ms
100ms Image
image/jpeg 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/mobile/hero-3-mobile@2x.jpg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 71a0b537fd71eaf145bc4cb65b497b6c87aabf15de321da3b5cf1a36872c9937

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:04 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: hcUeg1Y6Z0uZbjNSYDn01w==
ETag: "0x8D9C08C03DDFCD4"
Content-Type: image/jpeg
x-ms-request-id: d3c816af-e01e-00da-0e75-f2a246000000
Cache-Control: max-age=362
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65310

GET
H/1.1 200
OK banner_mobile360x330.jpg
emprestimosim.com.br/assets/images/home/mobile/ 68 KB
69 KB 105ms
103ms Image
image/jpeg 52.151.244.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimosim.com.br/assets/images/home/mobile/banner_mobile360x330.jpg
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.151.244.28 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 59359bb684b7d804cbde5e353be13ac89e2ab8a613207b6e2a6b7c2060f564e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thu, 16 Dec 2021 12:03:03 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Go2zjNlhCtVoaWxkbMT3XA==
ETag: "0x8D9C08C03B104E4"
Content-Type: image/jpeg
x-ms-request-id: c5c15a72-101e-0048-5075-f22690000000
Cache-Control: max-age=489
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69949

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 12ms
7ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 01:13:16 GMT
content-encoding: gzip
age: 48267
x-guploader-uploadid: ADPycdv8pRJGhMyzXG_hODcJQkYBHuqLNJAEqUCdyv7DSuC3d0L3JKU1w11-JzwFKWpLtQM8tuE4U8VBhRAYnRsfU6d8w2L2MA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6114
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "c011d7eff3edda011a5511fb703d925a"
x-goog-hash: crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language: en
x-goog-generation: 1632418656103247
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 17 Dec 2021 01:13:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 45ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-708477892

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-14643-9/CT-1829

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c3b5a5d2b178badd550c252a01a8b38eb0ab9e8bd32c401d79a3b3b5061c7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39586
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 14:37:43 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
709 B 210ms
209ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3OT6US5HQ61EDM143T0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://emprestimosim.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 10aba6d0.1ab35da7
date: Thu, 16 Dec 2021 14:37:43 GMT
x-cache-remote: TCP_MISS from a23-222-79-12.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 164,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=66, inner; dur=51
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2021121614374301011300615122252D5F
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 66,23.222.79.12
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761f2f322ea44ee52c1a7b98c6c2681fe985e62997f7bb5c4d01fecaf475398ad2d20611153c5725fe75e844cc887905205628bbeb42afcd3e8fdcf251915f25710f7eef4bb2cdd3adc0c2d0c47553b1568df5e1836b29fc9f8312a2dc4c9e60758e
expires: Thu, 16 Dec 2021 14:37:43 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 7ms
6ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 03:00:22 GMT
content-encoding: gzip
age: 41841
x-guploader-uploadid: ADPycdtExr5dB0wKnyhxmGToZoMiT2xcRpmf4wKQrF1qJC-A06lsj6VofmxoSOk5WNqPRlLFhBPcVNwwAaJMwQm9p8Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8332
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash: crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language: en
x-goog-generation: 1632418656026668
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 17 Dec 2021 03:00:22 GMT

GET
H2 200 trk
tt-14643-9.seg.t.tailtarget.com/ 70 B
605 B 135ms
103ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-14643-9.seg.t.tailtarget.com/trk?tA=TT-14643-9&tJ=_channel:sim-home:1|_channel:sim-visao-geral:1&tK=1639665463&tM=direct&tL=direct&tN=direct&tY=3&tZ=276119811
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 3EDF 2 KB
1 KB 34ms
7ms Document
text/html 143.204.209.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1523076.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-102.fra53.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: tvlHKJmv1kA_Q3Ei9ufsVpbnR1h2o66dEiOpFpM36-OO65mLXXNBsg==
age: 1205077

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
338 B 109ms
103ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 7fb376b72cf3b6cad91afdf2f44473432ecd56d36e43e5d96888d9e062f5f2d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 48ms
25ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-708477892

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 14:37:43 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
178 B 309ms
103ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://emprestimosim.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
date: Thu, 16 Dec 2021 14:37:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 b Show response
b.t.tailtarget.com/ 114 B
574 B 104ms
104ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-14643-9&tY=1&tS=3&tU=0100007F374FBB61CF064BBB020C2510&tX=b.52&tZ=466146722
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: fd375bda8830483c65a66d11deda2e7063a80d63ddefaa31708bf777bd93dda2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/ 2 KB
2 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/?random=1639665463262&cv=9&fst=1639665463262&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e725d69278a65530fe6ba49c135b6aa183cf0c1a113ba85abcd4e187f6dc6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/ 2 KB
1 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/?random=1639665463264&cv=9&fst=1639665463264&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d4c83cfb24a78f644f9c20378436e4115486d456634c0123223e90b4aa2cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
25 B 315ms
223ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://emprestimosim.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
date: Thu, 16 Dec 2021 14:37:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 /
www.google.com/pagead/1p-user-list/708477892/ 42 B
64 B 40ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708477892/?random=1639665463262&cv=9&fst=1639663200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&async=1&fmt=3&is_vtc=1&random=2200439032&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/708477892/ 42 B
64 B 38ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708477892/?random=1639665463262&cv=9&fst=1639663200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&async=1&fmt=3&is_vtc=1&random=2200439032&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
hitbr.acstat.com/emprestimosim/ 0
530 B 660ms
217ms XHR
text/plain 177.54.158.78
Maxihost LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://hitbr.acstat.com/emprestimosim/?sid=668317f6-1d9b-d88e-d5af-4b97bd5ba982&t_tid=b2185d46-a610-7982-7794-790a89cf5bf4&t_dp=&wid=&par=&ref=&t_t=&t_if=0&t_s=&ih=1200&iw=1600&if_p=&s_w=1600&s_h=1200&land=https%3A%2F%2Femprestimosim.com.br%2F
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 177.54.158.78 Jaboatao dos Guararapes, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: game.strongerhosting.com.br
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:43 GMT
Last-Modified: Thursday, 16-Dec-2021 14:37:43 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: https://emprestimosim.com.br
Cache-Control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/708477892/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708477892/?random=1639665463264&cv=9&fst=1639663200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&async=1&fmt=3&is_vtc=1&random=4140455059&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/708477892/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708477892/?random=1639665463264&cv=9&fst=1639663200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&async=1&fmt=3&is_vtc=1&random=4140455059&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
tt-14643-9.seg.t.tailtarget.com/ 68 B
337 B 104ms
104ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-14643-9.seg.t.tailtarget.com/ca?tZ=983812414
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 0ebd5b9cdd27ed1c358552d2e9c5ee954bb5e2161352b8c3ee5c0b5f4a6e4a25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 k_emprestimosim.gif
pixel.rubiconredirect.com/pixel/ 493 B
1 KB 203ms
143ms Image
image/gif 2606:4700:3033::ac43:a21b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconredirect.com/pixel/k_emprestimosim.gif?c=script&load=success
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a21b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger(R) 6.0.11
Resource Hash: 39f6c4ef5a24d1f3dddc23de1255fcc54dd65dad02044948740f7d7d01aa1737

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Phusion Passenger(R) 6.0.11
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="k_emprestimosim.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 9729e697-02de-4c0d-be7b-2f54cf624653
x-runtime: 0.001129
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i68ZVVSARAATclnrFIoxXmWBJU4%2BaixDiVNKLjKMwUUudt314pQLGnkca2dSeCUU2K4paHKE%2BYcP9Pq7hj%2B8xLKqDm4Uvl%2By2e6d6gfCbss%2F1hrwZPOie%2B%2BECggrq3H1ThiZGuS%2BAC%2B%2BZ2UAjC%2B5M1sRvfr5yFp4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 6be8a6bad8245995-MXP

GET
H2 200 / Show response
event.getblue.io/p/ Frame C709 774 B
1 KB 278ms
278ms Document
text/html 54.94.251.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&v=13072020-1328&nocache=2932949402633.405
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.94.251.185 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-251-185.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: e9b9b1b95a55e511cab2a45f56608a089519299f7a7a3ffc4e7e0f9781c9b0c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
content-type: text/html;charset=UTF-8
tagcontainer-version: 1177-09122021-1036
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 / Show response
widget.getblue.io/event/ 760 B
642 B 232ms
226ms Script
text/javascript 54.94.251.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getblue.io/event/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&v=13072020-1328&if=0&nocache=7872549555441.452
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.94.251.185 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-251-185.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: 5b92a408bbe994550b7055a07066d79ec13a646062d36f046dbd84a9d59e86e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/ 2 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708477892/?random=1639665463477&cv=9&fst=1639665463477&num=1&label=GrtCCNKU_98CEMSH6tEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

901366b232aeaefc355c6ee7c5d273425471e34532417c5c543d26ea5abf77cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=410615119637636&ev=Tail&cd[custom_audience]=CA28591

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 14:37:43 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 120ms
104ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-14643-9&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1639665463292_3118995382&tJ=CA28591&tQ=sim-home,sim-visao-geral&tU=0100007F374FBB61CF064BBB020C2510&tX=b.52&tY=1&tZ=228228267
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/708477892/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708477892/?random=1639665463477&cv=9&fst=1639663200000&num=1&label=GrtCCNKU_98CEMSH6tEC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&async=1&fmt=3&is_vtc=1&random=945395153&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/708477892/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708477892/?random=1639665463477&cv=9&fst=1639663200000&num=1&label=GrtCCNKU_98CEMSH6tEC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Femprestimosim.com.br%2F&tiba=Empr%C3%A9stimo%20Online%20e%20R%C3%A1pido%20%7C%20Empr%C3%A9stimo%20SIM&async=1&fmt=3&is_vtc=1&random=945395153&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 k_emprestimosim.gif Show response
pixel.rubiconredirect.com/pixel/ 493 B
1 KB 163ms
136ms Script
application/octet-stream 2606:4700:3033::ac43:a21b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconredirect.com/pixel/k_emprestimosim.gif
Requested by: Host: emprestimosim.com.br
URL: https://emprestimosim.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a21b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger(R) 6.0.11
Resource Hash: 75e39f710094385f3fee0e9450350f07b46d2d7b6891557b5e2865d24483c9cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Phusion Passenger(R) 6.0.11
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="k_emprestimosim.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 723b1d49-cd57-4679-939b-8bb9edfc1985
x-runtime: 0.000768
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=by7LUGBI1fBYYFfsXz%2FZfy2TgLtdZ9ROXusKW5iGgg1Mg3Gck0T%2BXHr%2FDjEUE3XaPPp8JcRJlJysuw%2F167n57vWVdg3xW2yQEY%2Baz8T2SC6AQNmxnT554j9qfRjC6HyWFHpYpCj6Y%2Fp9VFzt31uWYQBiD24mJmkk"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 6be8a6bbefb359f5-MXP

GET
H2

200

/
cms.getblue.io/cm/ Frame C709
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm&&google_sc&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&google_ula=6580826752&ula=6580826752&goog...
https://cms.getblue.io/cm/?src=adx&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&ula=6580826752&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&google_gid=CAESEGdCD_u...

2 B
99 B

613ms
204ms

Image
application/json

18.229.207.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=adx&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&ula=6580826752&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&google_gid=CAESEGdCD_ugpV5-x8PncbVXaI4&google_cver=1&google_ula=6580826752,0
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&v=13072020-1328&nocache=2932949402633.405
Protocol: H2
Server: 18.229.207.252 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-207-252.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cms.getblue.io/cm/?src=adx&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&ula=6580826752&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&google_gid=CAESEGdCD_ugpV5-x8PncbVXaI4&google_cver=1&google_ula=6580826752,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C709
Redirect Chain

https://ib.adnxs.com/setuid?entity=449&code=F4F2E31C-6456-4350-89D4D452838490A4
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DF4F2E31C-6456-4350-89D4D452838490A4

43 B
1 KB

98ms
97ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DF4F2E31C-6456-4350-89D4D452838490A4

Requested by

Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&v=13072020-1328&nocache=2932949402633.405

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 14:37:43 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d850ad53-7a8e-48d2-82c5-748a2fa27ea1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 14:37:43 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d7f6d638-0a84-48a5-96d0-fb27f929c29e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DF4F2E31C-6456-4350-89D4D452838490A4
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame C709
Redirect Chain

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&appn...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3DF4F2E31C-6456-4350-89D4D452838490A4%26cid%3D5C452402-DDBE-CC15-BDE4291B44D501AB%26blueID%3D450...
https://cms.getblue.io/cm/?src=appnexus&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&appnexusid=5550640032459651103

2 B
100 B

619ms
203ms

Image
application/json

18.229.207.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=appnexus&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&appnexusid=5550640032459651103
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=5C452402-DDBE-CC15-BDE4291B44D501AB&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&v=13072020-1328&nocache=2932949402633.405
Protocol: H2
Server: 18.229.207.252 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-207-252.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 14:37:43 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 32e2314d-7b9e-40ec-aae0-bd463ff8199b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cms.getblue.io/cm/?src=appnexus&ckid=F4F2E31C-6456-4350-89D4D452838490A4&cid=5C452402-DDBE-CC15-BDE4291B44D501AB&blueID=450c0659-6cf5-4209-91d1-6cb423ee7dbb&appnexusid=5550640032459651103
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 k_emprestimosim.js Show response
scripts.rubiconredirect.com/scripts/ 807 B
680 B 154ms
143ms Script
text/javascript 2606:4700:3033::ac43:a21b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.rubiconredirect.com/scripts/k_emprestimosim.js
Requested by: Host: pixel.rubiconredirect.com
URL: https://pixel.rubiconredirect.com/pixel/k_emprestimosim.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a21b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger(R) 6.0.11
Resource Hash: 60f2d874fe8d8374f3b27bda3bcfedfe170c03657f4c2e029fb1e589a32e1659

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Phusion Passenger(R) 6.0.11
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 3284c2b3-9b25-4fcc-bf33-48b62703a892
x-runtime: 0.003250
server: cloudflare
etag: W/"60f2d874fe8d8374f3b27bda3bcfedfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnpWIPTBR7Op8wn5D5fkAPb6BYdHTrEc1BQX3mleA%2FhXECMwzxRSFW6Ua5dLmSRHBvgOOb0cf8o8zdXNaoKp9ZCVu2KPYGGAC5%2BoBXt%2BRdIbUaaP54Oxe73%2BpwAFYgvXRCmBVQ80P3hRyKKh7dZAxqtTA1IlT3JgsO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, public
cf-ray: 6be8a6bcde0b5995-MXP
expires: 2021-11-16 14:37:43 UTC

GET
H3 200 safeframe Show response
scripts.rubiconredirect.com/ Frame D0F6 4 KB
2 KB 143ms
143ms Document
text/html 2606:4700:3033::ac43:a21b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.rubiconredirect.com/safeframe

Requested by

Host: scripts.rubiconredirect.com
URL: https://scripts.rubiconredirect.com/scripts/k_emprestimosim.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a21b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R) 6.0.11

Resource Hash

963b33b968ee14442d917bb14b6c8155b4bfa633a6ce3d00e89ff9f05d630828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 04011611-7d3c-4730-962a-abaa16174f92
x-download-options: noopen
x-runtime: 0.001931
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R) 6.0.11
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCzNequHbOcdOmHoYLbUkezffu9XQs7NNTs3ueM79kBeabVkbNFprqWCM9koOAGkZKDEA%2FD8or9gQW8UL9U2ndIK%2FtfS393JyuumyRFzhlPmbewEG7CJJs4m%2BjAO2iOF51HOpTW6b8aZow0f2o%2F3%2FumNkvIKJGTVn78%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6be8a6bdcd2959f5-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 unip Show response
trc-events.taboola.com/1297567/log/3/ 0
250 B 48ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1297567/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=24&ssd=1&est=1639665462468&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1639665464026&vi=1639665462465&ri=8f2fa4c2e5db745fbb8e480aa6e35b75&sd=v2_212c580d96573a554b0db24a04eaa109_d1e51946-d007-425f-970c-2b92d0bb9f1d-tuct8b4d4b6_1639665462_1639665462_CNawjgYQn5lPGMHZtZ3cLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiApKeijMutlDNwAA&ui=d1e51946-d007-425f-970c-2b92d0bb9f1d-tuct8b4d4b6&ref=null&cv=20211213-1-RELEASE&item-url=https%3A%2F%2Femprestimosim.com.br%2F
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0F9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1hY0VNc3Z2N3V6RVRzRHNUSEtKR29zSFpxRUVjSjhEUThYdjhLZw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
341 B

16ms
16ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 194206
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Criteo
crb.kargo.com/api/v1/dsync/ Frame 0F9C 43 B
360 B 41ms
7ms Image
image/gif 3.127.192.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.192.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-192-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 14:37:44 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0F9C
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5550640032459651103

43 B
342 B

20ms
19ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5550640032459651103
Protocol: H2
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1824584
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 14:37:44 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1f249c14-7304-400a-8276-692545492be0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5550640032459651103
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 0F9C 0
476 B 358ms
87ms Image
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MrtDiPv7uzETsDsTHKJGosHZqEG17AvXFu8vjQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:44 GMT
Cache-Control: no-cache
X-TraceId: 8b8cd81bc0acabe5452a22b0f4fa6fdb
Content-Length: 0

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0F9C 0
229 B 37ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Zt52pPv7uzETsDsTHKJGosHZqEFpEcvX5c6S1w
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8873

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 0F9C 0
239 B 72ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-QPDJtPv7uzETsDsTHKJGosHZqEGOWKhdAbdypw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 0F9C
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-IvNIo_v7uzETsDsTHKJGosHZqEFIi_rG_XdqPQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IvNIo_v7uzETsDsTHKJGosHZqEFIi_rG_XdqPQ

43 B
447 B

33ms
32ms

Image
image/gif

99.81.7.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IvNIo_v7uzETsDsTHKJGosHZqEFIi_rG_XdqPQ
Protocol: H2
Server: 99.81.7.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-7-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Dec 2021 14:37:44 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IvNIo_v7uzETsDsTHKJGosHZqEFIi_rG_XdqPQ
date: Thu, 16 Dec 2021 14:37:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 0F9C 0
446 B 71ms
24ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 0F9C 0
481 B 48ms
10ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-svlCpPv7uzETsDsTHKJGosHZqEGL36YYxOEM9Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 0F9C
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-nKkW-fv7uzETsDsTHKJGosHZqEEXktSwdsuymg&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-nKkW-fv7uzETsDsTHKJGosHZqEEXktSwdsuymg&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-nKkW-fv7uzETsDsTHKJGosHZqEEXktSwdsuymg&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

0
342 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-nKkW-fv7uzETsDsTHKJGosHZqEEXktSwdsuymg&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-nKkW-fv7uzETsDsTHKJGosHZqEEXktSwdsuymg&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4
date: Thu, 16 Dec 2021 14:37:44 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
contextual.media.net/ Frame 0F9C 45 B
784 B 102ms
53ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-hEmnPvv7uzETsDsTHKJGosHZqEGzVduaB6ug7w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 16 Dec 2021 14:37:44 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 16 Dec 2021 14:37:44 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 0F9C 0
239 B 36ms
8ms Image
text/plain 2600:9000:211e:9a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-gmgo1vv7uzETsDsTHKJGosHZqEGepwlH4j0B-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: jbuhRl6rOdAcw7sNjG1-lCL4KJhSsYv8F50bJA1YLmnxrPo7ruXE7g==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 0F9C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-EzNVNPv7uzETsDsTHKJGosHZqEH8xOVlkrZl6g&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-EzNVNPv7uzETsDsTHKJGosHZqEH8xOVlkrZl6g&expires=30

43 B
495 B

64ms
63ms

Image
image/gif

3.127.120.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-EzNVNPv7uzETsDsTHKJGosHZqEH8xOVlkrZl6g&expires=30
Protocol: HTTP/1.1
Server: 3.127.120.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-120-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-EzNVNPv7uzETsDsTHKJGosHZqEH8xOVlkrZl6g&expires=30
Date: Thu, 16 Dec 2021 14:37:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 0F9C
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B50VAfv7uzETsDsTHKJGosHZqEFeCDvK9R66UQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B50VAfv7uzETsDsTHKJGosHZqEFeCDvK9R66UQ&C=1

43 B
1 KB

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B50VAfv7uzETsDsTHKJGosHZqEFeCDvK9R66UQ&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 14:37:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Dec 2021 14:37:44 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 14:37:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B50VAfv7uzETsDsTHKJGosHZqEFeCDvK9R66UQ&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Thu, 16 Dec 2021 14:37:44 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 0F9C 43 B
375 B 35ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10000569

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 16 Dec 2021 14:37:44 GMT

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 0F9C 43 B
275 B 35ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-CNxyyPv7uzETsDsTHKJGosHZqEFHOswNur_RLg&c=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 0F9C
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&custom=&tag_format=img&tag_action=sync&custom=&cb=a6448716-1fed-45ef-ae92-3aa92d9...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=a6448716-1fed-45e...

0
638 B

31ms
31ms

Image
text/plain

34.255.54.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=a6448716-1fed-45ef-ae92-3aa92d90c768&final=true&reqid=bb2bb710-5e7d-11ec-bd86-653679b3667f&timestamp=2021-12-16T14%3A37%3A44.578Z
Protocol: HTTP/1.1
Server: 34.255.54.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 14:37:44 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 16 Dec 2021 14:37:44 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1043&partner_id=1048&uid=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=a6448716-1fed-45ef-ae92-3aa92d90c768&final=true&reqid=bb2bb710-5e7d-11ec-bd86-653679b3667f&timestamp=2021-12-16T14%3A37%3A44.578Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 294
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

m
cm.mgid.com/ Frame 0F9C
Redirect Chain

https://cm.mgid.com/m?cdsp=617660&c=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg
https://cm.mgid.com/m?c=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&cdsp=617660&sct=1

43 B
501 B

124ms
113ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&cdsp=617660&sct=1
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6be8a6c21b651f39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://cm.mgid.com/m?c=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg&cdsp=617660&sct=1
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6be8a6c149353aab-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 0F9C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg

95 B
427 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg
date: Thu, 16 Dec 2021 14:37:44 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 t.gif
cw.addthis.com/ Frame 0F9C 0
428 B 171ms
112ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-acEMsvv7uzETsDsTHKJGosHZqEEcJ8DQ8Xv8Kg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 16 Dec 2021 14:37:44 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 0F9C
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/64O73UqC71qE2HCiXj9LD5cvXXIw-MgQ/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8186999735332245094

43 B
342 B

18ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8186999735332245094
Protocol: H2
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:43 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2113701
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8186999735332245094
pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame 0F9C 170 B
601 B 293ms
263ms Image
image/png 34.102.166.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-vmyWX_v7uzETsDsTHKJGosHZqEFeaJmIGaXYFw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
content-encoding: gzip
vary: accept-encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: image/png;charset=utf-8
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 0F9C 42 B
679 B 54ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Eg-jhvv7uzETsDsTHKJGosHZqEH4g2xrRQ6MwQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:43 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:424
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame 0F9C
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k--ZqnBPv7uzETsDsTHKJGosHZqEFyNzKzPJKJtA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k--ZqnBPv7uzETsDsTHKJGosHZqEFyNzKzPJKJtA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k--ZqnBPv7uzETsDsTHKJGosHZqEFyNzKzPJKJtA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k--ZqnBPv7uzETsDsTHKJGosHZqEFyNzKzPJKJtA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Thu, 16 Dec 2021 14:37:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 229ms
15ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://emprestimosim.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Thu, 16 Dec 2021 14:37:44 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
282 B 219ms
219ms XHR
application/json 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f0aaeb8b02a4154df89fbfa608ecbf120a1ccba9918828c2700a309ac6485d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://emprestimosim.com.br/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: A3E68C7A-BC0D-447E-8AAE-BF89BBB3BC21
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 16 Dec 2021 14:37:44 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 0F9C 43 B
79 B 35ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 16 Dec 2021 14:37:44 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 0F9C
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-Siebbfv7uzETsDsTHKJGosHZqEEWxUYJWRv14w&_origin=1
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-Siebbfv7uzETsDsTHKJGosHZqEEWxUYJWRv14w&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

0
20 B

12ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-Siebbfv7uzETsDsTHKJGosHZqEEWxUYJWRv14w&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-Siebbfv7uzETsDsTHKJGosHZqEEWxUYJWRv14w&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4
date: Thu, 16 Dec 2021 14:37:44 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 0F9C 43 B
1 KB 26ms
25ms Image
image/gif 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-JCzHGfv7uzETsDsTHKJGosHZqEHOq_JNu2L3qg&seg=95287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 14:37:44 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: da5260ea-651a-4cb4-a683-150c4a8fee05
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 0F9C
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-sD1-xvv7uzETsDsTHKJGosHZqEHFxjb76IQNhQ&_origin=1
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-sD1-xvv7uzETsDsTHKJGosHZqEHFxjb76IQNhQ&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

0
20 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-sD1-xvv7uzETsDsTHKJGosHZqEHFxjb76IQNhQ&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:44 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-sD1-xvv7uzETsDsTHKJGosHZqEHFxjb76IQNhQ&_origin=1&apid=UPbb141152-5e7d-11ec-a355-06323c827ac4
date: Thu, 16 Dec 2021 14:37:44 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 0F9C
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=plJDk1Eh92HI2XpdqXNOR2sIPqyN6we4

42 B
417 B

34ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=plJDk1Eh92HI2XpdqXNOR2sIPqyN6we4
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 14:37:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=plJDk1Eh92HI2XpdqXNOR2sIPqyN6we4
date: Thu, 16 Dec 2021 14:37:43 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2539
content-length: 197
strict-transport-security: max-age=86400; preload;
content-type: text/html; charset=utf-8

GET
H2 204 t.gif
cw.addthis.com/ Frame 0F9C 0
428 B 164ms
163ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-QPDJtPv7uzETsDsTHKJGosHZqEGOWKhdAbdypw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 14:37:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 16 Dec 2021 14:37:44 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 104ms
103ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://emprestimosim.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
date: Thu, 16 Dec 2021 14:37:44 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 326e82c9-2b36-4fb4-9ec0-7f3b6169ee95 Show response
api.soclminer.com.br/v2.1/customers/ 20 B
715 B 314ms
258ms XHR
application/json 2606:4700:20::681a:d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.soclminer.com.br/v2.1/customers/326e82c9-2b36-4fb4-9ec0-7f3b6169ee95?format=json&url=https%3A%2F%2Femprestimosim.com.br%2F&referrer=&paramOnSession=&isMobile=false
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ServiceStack/3,971 Win32NT/.NET, ASP.NET
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ServiceStack/3,971 Win32NT/.NET, ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5pssFtoCMAa%2FtMvRPIPkGa74Tn0HZ9R12UBOLyIDpQzz4PcFV%2BQwswiXfp5olxnzjve461Th0kwQqGmR1Uhjs7%2BtBqPZB9kfyOjprjdhKPcaEtYQzhnFrFqZpjZGQZ%2B1cX5gDAgkEaN43kNx0KEDbui"}],"group":"cf-nel","max_age":604800}
cache-control: private
cf-ray: 6be8a6c83f2683ba-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, JSNLog-RequestId
content-length: 20

GET
H2 204 unip Show response
trc-events.taboola.com/1297567/log/3/ 0
249 B 15ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1297567/log/3/unip?en=pre_d_eng_tb&tos=4559&scd=24&ssd=1&est=1639665462468&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1639665467027&vi=1639665462465&ri=8f2fa4c2e5db745fbb8e480aa6e35b75&sd=v2_212c580d96573a554b0db24a04eaa109_d1e51946-d007-425f-970c-2b92d0bb9f1d-tuct8b4d4b6_1639665462_1639665462_CNawjgYQn5lPGMHZtZ3cLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiApKeijMutlDNwAA&ui=d1e51946-d007-425f-970c-2b92d0bb9f1d-tuct8b4d4b6&ref=null&cv=20211213-1-RELEASE&item-url=https%3A%2F%2Femprestimosim.com.br%2F
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emprestimosim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://emprestimosim.com.br
pragma: no-cache
date: Thu, 16 Dec 2021 14:37:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.emprestimosim.com.br/	1970-01-20 01:37:21	Name: _gcl_au Value: 1.1.2006821018.1639665462
.emprestimosim.com.br/	1970-01-20 16:58:57	Name: _ga Value: GA1.3.210996865.1639665462
.emprestimosim.com.br/	1970-01-19 23:29:11	Name: _gid Value: GA1.3.286272452.1639665462
.bing.com/	1970-01-20 08:49:21	Name: MUID Value: 34D8ED5BA1306E3E37DDFC54A05B6F58
.emprestimosim.com.br/	1970-01-20 01:37:21	Name: _fbp Value: fb.2.1639665462530.1130217378
.emprestimosim.com.br/	1970-01-19 23:27:45	Name: _gat_UA-145849331-2 Value: 1
.facebook.com/	1970-01-20 01:37:21	Name: fr Value: 0EAuVpbsUj1gyCkiN..Bhu082...1.0.Bhu082.
.criteo.com/	1970-01-20 08:49:21	Name: uid Value: e21b86ec-2b58-492b-a8e1-6d86bdc6f1c0
.yahoo.com/	1970-01-20 08:13:43	Name: A3 Value: d=AQABBDZPu2ECEIbSUGMX6g0u-lxCLnCUDTMFEgEBAQGgvGHFYQAAAAAA_eMAAA&S=AQAAAtTz2bsDt85fk56FreQ8GaE
.doubleclick.net/	1970-01-20 08:49:21	Name: IDE Value: AHWqTUksoWieLzjcnfUEEaGXvppnbYItdcfVuJydHjbsJmGaM55BXNcYeKYiYTPEpVo
.emprestimosim.com.br/	1970-01-20 08:57:09	Name: cto_bundle Value: wTucHl96NktSanMxM3dSSXRvWWJQMlZsQnFKSXNuYUN5V1FnVG80ayUyRmJQdURLSXk2dDRVUGo2Vmc4JTJGek1uUiUyRktuMUpBZzV4aENySnV2RHozdGI2N0JKZmZvcE0xOHFzZHhpUnVNamxvbklsdjhJeWFPS2dlYnd2UmVJV3p4VU9aM3ZRaFd3TWNJWGhZREtVUTVKYlVmVk0lMkZPWTg3TnRlRmU5RVM2Q3pOVmFOZVdVNCUzRA
.emprestimosim.com.br/	1970-01-19 23:29:11	Name: _uetsid Value: ba0e1de05e7d11ecbf267d8e5a433702
.emprestimosim.com.br/	1970-01-20 08:49:21	Name: _uetvid Value: ba0e46005e7d11ecb598615b1a99d30b
.c.bing.com/	1970-01-20 08:49:21	Name: SRM_B Value: 34D8ED5BA1306E3E37DDFC54A05B6F58
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 08:49:21	Name: MUID Value: 34D8ED5BA1306E3E37DDFC54A05B6F58
.c.clarity.ms/	1970-01-19 23:27:46	Name: ANONCHK Value: 0
emprestimosim.com.br/	1970-01-20 08:13:21	Name: ai_user Value: fr+AoL1yceJ0cUyuMyruRT\|2021-12-16T14:37:42.923Z
emprestimosim.com.br/	1970-01-19 23:27:47	Name: tt_c_vmt Value: 1639665463
emprestimosim.com.br/	1970-01-19 23:27:47	Name: tt_c_c Value: direct
emprestimosim.com.br/	1970-01-19 23:27:47	Name: tt_c_s Value: direct
emprestimosim.com.br/	1970-01-19 23:27:47	Name: tt_c_m Value: direct
.emprestimosim.com.br/	1970-01-20 08:13:21	Name: _clck Value: d7l000\|1\|exb\|0
emprestimosim.com.br/	1970-01-20 16:44:33	Name: _ttuu.s Value: 1639665463115
.emprestimosim.com.br/	1970-01-20 08:13:21	Name: _hjSessionUser_1523076 Value: eyJpZCI6IjVlMDYyNmFhLWI3ZjYtNWY5OC1hZTliLWNhMjg4YTYwNzQ5MCIsImNyZWF0ZWQiOjE2Mzk2NjU0NjI1NjIsImV4aXN0aW5nIjpmYWxzZX0=
.emprestimosim.com.br/	1970-01-19 23:27:47	Name: _hjFirstSeen Value: 1
.emprestimosim.com.br/	1970-01-19 23:27:47	Name: _hjSession_1523076 Value: eyJpZCI6IjlmN2YyYTA0LTY2OGItNDUxYy05ODMxLTE5MzFjZWFkYmMwNSIsImNyZWF0ZWQiOjE2Mzk2NjU0NjMxNzF9
.emprestimosim.com.br/	1970-01-19 23:27:47	Name: _hjAbsoluteSessionInProgress Value: 0
.tt-14643-9.seg.t.tailtarget.com/	1970-01-20 00:10:57	Name: trk Value: slyVdF6jrUHmKjnVi+jUpqTkuz0Kr/WAaH74OP6yEoaTze3Eut8DxVTTSPbC35Ke
.t.tailtarget.com/	1970-01-19 23:30:38	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-20 08:13:21	Name: u Value: fwAAAWG7Tze7SwbPECUMAgB=
emprestimosim.com.br/	1970-01-20 08:13:21	Name: tt.u Value: 0100007F374FBB61CF064BBB020C2510
.emprestimosim.com.br/	1970-01-20 00:12:23	Name: user_unic_ac_id Value: 668317f6-1d9b-d88e-d5af-4b97bd5ba982
.t.tailtarget.com/	1970-01-20 00:10:57	Name: ttbprf Value: _frankfurt am main_hesse_de_1639665463292_3118995382
.t.tailtarget.com/	1970-01-19 23:27:47	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 00:10:57	Name: ttnprf Value:
.emprestimosim.com.br/	1970-01-20 00:12:23	Name: advcake_trackid Value: b2185d46-a610-7982-7794-790a89cf5bf4
emprestimosim.com.br/	1970-01-19 23:29:11	Name: tt.nprf Value:
emprestimosim.com.br/	1970-01-20 08:13:21	Name: blueID Value: 450c0659-6cf5-4209-91d1-6cb423ee7dbb
.tt-14643-9.seg.t.tailtarget.com/	1970-01-19 23:27:49	Name: ttca Value: CA28591_1639665463
emprestimosim.com.br/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: f1a5bfef119ba826f574e715cb0e6a5e
emprestimosim.com.br/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: f1a5bfef119ba826f574e715cb0e6a5e
emprestimosim.com.br/	1970-01-19 23:27:47	Name: ai_session Value: ALB+bh9XRVLfapBF0CwqPl\|1639665463497\|1639665463497
.emprestimosim.com.br/	1970-01-19 23:29:11	Name: _clsk Value: nexaqk\|1639665463500\|1\|1\|b.clarity.ms/collect
.t.tailtarget.com/	1970-01-20 00:10:57	Name: n Value: 1639665463
.getblue.io/	1970-01-20 16:58:57	Name: ckid Value: F4F2E31C%2D6456%2D4350%2D89D4D452838490A4
.adnxs.com/	1970-01-20 01:37:21	Name: uuid2 Value: 5550640032459651103
.advertising.com/	1970-01-20 08:14:47	Name: APID Value: UPbb141152-5e7d-11ec-a355-06323c827ac4
.taboola.com/	1970-01-20 08:13:21	Name: t_gid Value: 03cff358-c018-46a3-a887-18c9eb2a3151-tuct8b4d4b8
.analytics.yahoo.com/	1970-01-20 08:14:47	Name: IDSYNC Value: "18zh~224e:1761~224e"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPbb141152-5e7d-11ec-a355-06323c827ac4
.yahoo.com/	1970-01-19 23:29:11	Name: APIDTS Value: 1639665464
.bidswitch.net/	1970-01-20 08:13:21	Name: tuuid Value: 2d26b52e-35c9-4d97-a5f6-f53072313a6c
.bidswitch.net/	1970-01-20 08:13:21	Name: c Value: 1639665464
.bidswitch.net/	1970-01-20 08:13:21	Name: tuuid_lu Value: 1639665464
.media.net/	1970-01-20 08:13:21	Name: visitor-id Value: 2826670649538234000V10
.media.net/	1970-01-20 00:10:57	Name: data-c-ts Value: 1639665464
.media.net/	1970-01-20 00:10:57	Name: data-c Value: k-hEmnPvv7uzETsDsTHKJGosHZqEGzVduaB6ug7w~~3
.turn.com/	1970-01-20 03:46:57	Name: uid Value: 8186999735332245094
.360yield.com/	1970-01-20 01:37:21	Name: tuuid Value: 1e863364-1791-4d42-96c3-46af65dd9b09
.360yield.com/	1970-01-20 01:37:21	Name: tuuid_lu Value: 1639665464
.tapad.com/	1970-01-20 00:54:09	Name: TapAd_TS Value: 1639665464497
.tapad.com/	1970-01-20 00:54:09	Name: TapAd_DID Value: 3ebf5e81-bfb7-4b8b-be06-d18ad9b4a120
.casalemedia.com/	1970-01-20 08:13:21	Name: CMID Value: YbtPOEwYt5mPbFYJOeTPiAAA
.casalemedia.com/	1970-01-20 01:37:21	Name: CMPS Value: 5204
.tapad.com/	1970-01-20 00:54:09	Name: TapAd_3WAY_SYNCS Value:
.360yield.com/	1970-01-20 01:37:21	Name: um Value: !38,.anefaLwHs0w5p6SdCbsc8D6boGPA3ZTYbqvIfT6F.cptTj-Fp3UyJSP6FSVTrbzxcsM2TfE,1647441464
.360yield.com/	1970-01-20 01:37:21	Name: umeh Value: !38,0,1701873464,-1
.casalemedia.com/	1970-01-20 01:37:21	Name: CMPRO Value: 1124
.casalemedia.com/	1970-01-19 23:29:11	Name: CMST Value: YbtPOGG7TzgA
.casalemedia.com/	1970-01-20 08:13:21	Name: CMRUM3 Value: 1461bb4f382760k-B50VAfv7uzETsDsTHKJGosHZqEFeCDvK9R66UQ
.pubmatic.com/	1970-01-20 00:10:57	Name: KRTBCOOKIE_97 Value: 3385-uid:k-Eg-jhvv7uzETsDsTHKJGosHZqEH4g2xrRQ6MwQ&KRTB&23286-uid:k-Eg-jhvv7uzETsDsTHKJGosHZqEH4g2xrRQ6MwQ&KRTB&23287-uid:k-Eg-jhvv7uzETsDsTHKJGosHZqEH4g2xrRQ6MwQ&KRTB&23288-uid:k-Eg-jhvv7uzETsDsTHKJGosHZqEH4g2xrRQ6MwQ
.pubmatic.com/	1970-01-20 00:10:57	Name: PugT Value: 1639665463
.pubmatic.com/	1970-01-20 01:37:21	Name: PUBMDCID Value: 3
.3lift.com/	1970-01-20 01:37:21	Name: tluid Value: 16481023376115193473
.adnxs.com/	1970-01-20 01:37:21	Name: anj Value: dTM7k!M40*cvig%ghqdmU(7T[Wr2SL#QlmS$:yXae9qPYZ=Bd'F(`JeG5I.<GQ'%oZNF][G:tCRq!n]bDZXJcGllijn.SAAMK[cg5D3V@4UHpr/?.xqBvgDo(/6JitCt/CSGJV=(1ea7uaaOb[)]Twx5)#9cN_=zo5/sm-B![#%p[s>%q)3R'o6Cg
.rlcdn.com/	1970-01-20 08:13:21	Name: rlas3 Value: rD0xxX8jT6ZTczS7kDKosf+4g2zcQKO+QKaRjs1v354=
.rlcdn.com/	1970-01-20 00:54:09	Name: pxrc Value: CAA=
.mediawallahscript.com/	1970-01-20 16:58:57	Name: mCookie Value: bb309910-5e7d-11ec-bd86-653679b3667f
.mediawallahscript.com/	1970-01-20 16:58:57	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lbgIHbRDnDB6
.mgid.com/	1970-01-19 23:27:47	Name: __cf_bm Value: tVXYHu45K.fwOAb0Scq5CKuUdZ8rG.s6ZfcU1lHC5K0-1639665464-0-AafQs4FBPXQumtqpYTtntAvtffVyCXP19iP/etWaMIEdbR8YHROoK8suMa0m4sz63TexBbG1O/8Ds2xAqmemM4E=
.addthis.com/	1970-01-20 08:49:21	Name: ouid Value: 61bb4f380001bd9d09251d4083018add0dd337de2aefbd4090a3
.addthis.com/	1970-01-20 08:49:21	Name: uid Value: 61bb4f38559f372a
.addthis.com/	1970-01-20 08:49:21	Name: na_id Value: 2021121614374458400166961862
.outbrain.com/	1970-01-20 01:37:21	Name: obuid Value: eb88b76b-3491-47c0-b33a-65a531f57176
.outbrain.com/	1970-01-20 00:10:57	Name: criteo Value: k-MrtDiPv7uzETsDsTHKJGosHZqEG17AvXFu8vjQ
cm.mgid.com/	1970-01-20 00:10:57	Name: mg_sync Value: {"617660":1639665464}
.tpmn.co.kr/	1970-01-20 08:13:21	Name: uuid Value: dd064afddbee4350a052555c50d45688
.tpmn.co.kr/	1970-01-20 00:10:57	Name: criteo Value: k-vmyWX_v7uzETsDsTHKJGosHZqEFeaJmIGaXYFw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9568187.fls.doubleclick.net
ad.360yield.com
ad.tpmn.co.kr
ads.yahoo.com
adservice.google.com
advcake.dataroyal.com.br
analytics.tiktok.com
api.soclminer.com.br
az416426.vo.msecnd.net
b.clarity.ms
b.t.tailtarget.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.mgid.com
cms.getblue.io
connect.facebook.net
contextual.media.net
crb.kargo.com
cw.addthis.com
d.tailtarget.com
d.turn.com
dc.services.visualstudio.com
dis.criteo.com
eb2.3lift.com
emprestimosim.com.br
event.getblue.io
googleads.g.doubleclick.net
gum.criteo.com
hitbr.acstat.com
ib.adnxs.com
idsync.rlcdn.com
mug.criteo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.rubiconredirect.com
pixel.tapad.com
plugins.soclminer.com.br
pubads.g.doubleclick.net
r.casalemedia.com
s.ad.smaato.net
script.hotjar.com
scripts.rubiconredirect.com
secure.adnxs.com
simage2.pubmatic.com
smct.co
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
t.tailtarget.com
tags.t.tailtarget.com
trc-events.taboola.com
trc.taboola.com
tt-14643-9.seg.t.tailtarget.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
vars.hotjar.com
widget.getblue.io
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
104.19.133.78
104.75.88.126
13.32.22.49
13.32.22.92
13.69.106.217
141.226.228.48
142.250.184.198
142.250.185.162
142.250.185.66
142.250.186.34
143.204.209.102
151.101.1.44
177.54.158.78
178.250.0.163
178.250.2.146
18.156.0.31
18.195.140.97
18.229.207.252
185.64.189.110
2.16.186.234
2.18.234.21
2.18.235.93
20.75.32.255
2001:678:cb4:bbbb::13
212.82.100.181
2600:9000:211e:9a00:1b:5138:8a40:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:d55
2606:4700:3033::ac43:a21b
2606:4700::6810:135e
2606:4700::6810:5914
2620:1ec:27::cafe:1503
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.127.120.47
3.127.192.192
34.102.166.132
34.102.185.99
34.255.54.140
34.98.64.218
35.201.123.184
35.227.248.159
35.244.174.68
37.252.173.22
52.142.114.2
52.151.244.28
52.48.136.232
54.94.251.185
64.202.112.95
69.173.144.165
74.119.119.150
76.223.111.18
99.81.7.40
005f6a0d314f06868f82daa1e0f8e6b94321af2a4cd410bc4a96ab879a1bdb31
01051be053fcedd16a6ab6e7acc66608d4fbfb681cce4bea94acdd437d394df1
020d991f34b25255c5d3b70e6936745189ff0b2dbb2409382a50af9d1bdf5502
028cfffbb95e5cf5b22d69c67eded5c775aa0d6f6ffb7f574793fa57d17099f1
06ea6bd5f25988532f34714dd3d9eaf8624eef5ccb866c9cd94eedc2e5dca957
084119d0a46d77d508b5168077c5828cc262b59e95d6b701e9b97404aaa2e8fd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e725d69278a65530fe6ba49c135b6aa183cf0c1a113ba85abcd4e187f6dc6ab
0e99da59f51e650fbb1b6df59cc436aedfa1b47822eb32265c7e292782cd9c69
0ebd5b9cdd27ed1c358552d2e9c5ee954bb5e2161352b8c3ee5c0b5f4a6e4a25
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1324fd77be8e7aff037ca9c9c92a7860070d3a2e87e331f4c71703db9704494b
18db69f82e97b7e73d6408effc8ff565de7bed09a33e404843c285ceddb98169
1d121dba61f66283c750f65d6d81811a4de81e934c2b88af484e20ea0b47d0ca
28f797f5a9ae23852225ec2100e27e4a8df49ec18e9998c5f3d1d8b793c7cb16
29d9a71189f653fe1537774392e7f3bd33fb545806d8becb1bb946e3a6bf046d
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
2b228086efc2c1c401b4fdaef2178d6e979ff4836b50f354fdc6c3a03d17ec28
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1f87a0a9e879ebb1ecbd4289959da98fe431b56aec57a127764544aa789fa1
306f42a79bc1bc9d391a0409d8d2944c9e35bbe799350a7702be83a59c3455b7
3187a1de8160d8d1d05c49b6034d8aa2fcff5592352acfa9f68b2d932615ace9
31da01b4b96d1236e4e31701fd387c77d157c93890b1ed02daa10648a666e7a8
32850ce957f8bf73923468dfed25d6f1c06e5ac02b7ce47c26084b2e2f697531
3330c8a22c1f813b5b0e27fb8f66d3b712635344b270f3ef84690f7066ffdcdc
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
37408e9d210662601814265ec09573aa9ec177428be2fb402bbc6700091dfa7f
39f6c4ef5a24d1f3dddc23de1255fcc54dd65dad02044948740f7d7d01aa1737
3e90615c3c06319f4622408a45b372f057c11e5ff2e27add16604dde77318c34
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed9b7c3aaad2012fb70a207e14020afe2cca88b7249e99b3e3a1ece18eb8154
41f40556d764448a5c8220598ddf5c7df825bced46014dbca751e80e3b3d429e
487fbd1d8ca8cf2e53e83886159aab9f6c254c56398c19bd122c36de31fb7692
494a751d49a3f23fc14fa2d28533efaf80d62dec49cc0660245af016511efe7f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6f82250c1c112b470293e7f7a2f4b8211ab930bfeaf34f41395d5f0ec5176c
4c0fc46e9c98ea5580cc72895140b9df71a21956c6420cfbd21d30a8d99cb175
4c1bf4b3e0d3235bfb1498486e6902c33f46638801c3e951eb7a41964da25175
4c4ca5453e4e7057f6886a9abed8475282bebe77e3d557caae6e3c5b602f046a
4ced766df0eef2d357f99623b5f946b9eb4f999f91f181ab65d9b29f88c164a9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
512b293a3ce0b2312aadde480a58225ae2d9f6c2e7ab2f7a319a250ccba968ce
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
54243c64fd95ef59ed51f24e101aa27c0463d4938a6ff2e9c532c073bbd205d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
54e5b6884e279b2fd4d831ac8c420a1faa62568d8265b7f59d167adda73dec45
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
59359bb684b7d804cbde5e353be13ac89e2ab8a613207b6e2a6b7c2060f564e9
596802b0fafb866a1aadd3a0a97e7f097a5154727eecf295bafd16c5dd6ad0f6
5b92a408bbe994550b7055a07066d79ec13a646062d36f046dbd84a9d59e86e1
5d9ffc968bbb93021c830faa409c2e74f8c9dc38553aa1d050b1dd577302df2c
5e70a7ded6c462f26c094a0ce5686085ba28617fc4721bbbc2670990cf763742
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60f2d874fe8d8374f3b27bda3bcfedfe170c03657f4c2e029fb1e589a32e1659
61e6c217cd1a260baa2044f80dcb9261df2a838fe2102837c2aa01cd9fb429bf
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6ad675bbd60efef34b982f0415da711f4d5762b907e837c7db65c9797ff80cbc
6b7fe2019fa4dfc6f49c95484cb7a05501450530c897c26daee45487dfc29b5b
6bb7382e03f8ab0dc4a5caf5063c2386d8dbd4269fc75ec1f45dc6295f6fb34c
6d736f50ef6d4795b13498d6d34c65f2d1b5ff499acc7a8495ea14952d6d6e2a
6faf85a32370b0f1bdb03fe27e70c2afcafe3d28d6ecd7427d82abe90739f88f
6fe7efed9a4312e1ab71d3610d45a086e045ffa27aa7794581ffdaa22fe557a7
70d3488c2f6aa74fae0bead6cba1dd40a175b1de0c60ca33709a9cf692c5f1f5
71a0b537fd71eaf145bc4cb65b497b6c87aabf15de321da3b5cf1a36872c9937
71ebd5114ebf1a3b32c0eaebce288307488224ec79f3f8a8ceeee8876d0af59d
757718d6ba1bd6bfa4d49c3ac57a3019e760eab6fd90282197ce1df5cf8c4806
75818feb9ac09f9b8233998bec39da72278587000fe97db712c04a99d79c9654
75e39f710094385f3fee0e9450350f07b46d2d7b6891557b5e2865d24483c9cd
76b37dc6098460c2a53be5b75b49a65b3c26fe96430d900ecc4c5a2da022064a
7834930d02299cc017b7ba4ee8e823d43c86515b46a6ce4c967b982c3f8cba14
78a4affa9e84f4e8c47b0f36d693be58b9b3ae8fa915658bc1a5f22b8a0779a0
7b4c6ef0dcedf6c4f8a43a20fbde48e8ed3fcb3316aca8a1afb1d801619e7b31
7be7fdc8e2a2c877680dee52f0608e07bbd0a15eb504801c73d3e176f6360d7b
7c3b5a5d2b178badd550c252a01a8b38eb0ab9e8bd32c401d79a3b3b5061c7a9
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fb376b72cf3b6cad91afdf2f44473432ecd56d36e43e5d96888d9e062f5f2d5
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8412ebbbd663c6edcfdbb56534eb91b525d21761bb1a1d4332e5fc59d3df78aa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86ca0956287bf33bf7c403d72fe2fade985d7af3ac007aa32fd93c2a175f666e
87c1de9aea20cba9c3dcabaeb0bbfa8785928480d506c3c2b6ed90a726e5e486
883b61a0129a1c642102f5710a0366aedd0492e9e07b42e9d3f3c1136fc5ecf2
8846364f9e6fc56919f66481e74f2ca69747b0a567746f437e2049af6e40441d
8cad9bffb1fd1791e0a2642266408088ec12e5cc5fafc7af4a280bb249212960
8dfc2405e5d08ab9ab252a66c10e32d7ea6f7bafb87e55bd454bd9a34cd9abd1
8e35ac4fd1756306f009965d6fe9481b9397139a43391accbd2982f31ff934b9
8ee7b97a5f26b72055e2952fd6d25cfae3a1c0bd1f202a3ad6a6f69ba7406071
901366b232aeaefc355c6ee7c5d273425471e34532417c5c543d26ea5abf77cd
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
957b7ec761af8562d4f804961544adb70b58962d66bcb7b44faf67f94b1e0767
963175c7145b4c3511190ca12eaee50d09360dc66992c04d9ea066658570ee1b
963b33b968ee14442d917bb14b6c8155b4bfa633a6ce3d00e89ff9f05d630828
99b967491599021c6cc0ea663b6625f793e8904aad07726369e7606914b949d1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9be1dca15c6fb5b4a1fc6e813aebae4b7c2d68eb81cc6a9cb21952def0e066e1
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6
a2baa7178afbf3ed69bb633c8faf3413fb5a641559f7ca9e4baff9e85d0b9322
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acf5be56f209a330de84c19179e39d85f22ca8e89e864ae030a80e3f6c0d8349
ad64b7257343823e34f07ccba543c9fd46b9de103d9de40189ff2ab67c6ada29
b136dbfa78fbdc0b437f77bdcad9c5d61430e854cf81d0e9e05519dd34cc9813
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b5040fe6d40543776d53964540a5ae4b627fedae92c6b33cd2eb37bbd17e00ec
b7d6ec6a8be6a79f0e64f1d7dde87952afa9276af02dd779deb498e665cb9799
bac874abebe7e308db06ea6d95939d88db1a71a0a19f9be1bf73fe824925e466
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
be005ce7104312aeda33300b76a1baded55fd069dc721cfb210629f5214b3b80
bf94c909adf6a828a90f52019d2084d0bea370640406f9536e107ac09ce2caf4
c021dbaf03fa02196a021dafb20b30e306785b544390df3501032be13051306e
c1a32518942e5015bb0279d3209c80ad61931d97006692b0ef641ea8eda9a287
c634169ddec0a7d173c26eae773a6e9287107b5636292eaa9e95d28e6a5e62d0
c73a69f2dfe8ee35952f59dad1a17b01b3dad0cc5a3894a82bb4d6910385afa7
c763a7b86f4b8e21741d95bf307b2932555a20d4ad383adc764c99fdbb8e88d8
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc293282b495a12623e29b2e8c3956de3b29f119f3fc98e05db7fbeeb2a92521
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff4c9a7cfb81ada40cab74cc0af1ada391fb13300b7cc782c2fa0cc2150a607
d1d4c83cfb24a78f644f9c20378436e4115486d456634c0123223e90b4aa2cde
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d4a5c1251e7077f92a2113be5b8474f21cd1e05093a3104c7f2436aeedb19256
d9a2f001a591c56ecd539d99bbc567cabde920e0c0ceb4cc42ca8f6249d5dcd5
dcdb44113ac0b14bb20311e388f09cb0f9dc918f68ca89aaaf094937ad074efe
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e738597d37abf0cfe4244ce0580b43a9ba2132810438299c2d8e9201d6aa161c
e9b9b1b95a55e511cab2a45f56608a089519299f7a7a3ffc4e7e0f9781c9b0c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0aaeb8b02a4154df89fbfa608ecbf120a1ccba9918828c2700a309ac6485d8c
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4f71525283fe2a27ceee023b03774b9d99501435bcecbf65459803156e7f557
f619b5799e1a6dad1c8bfd400e565bd247d55283899b596f229eb9f627446375
f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780
fb57602da70594b9a0c016c0f38d17a826fc249c364f642fd2a944e8b9902282
fd375bda8830483c65a66d11deda2e7063a80d63ddefaa31708bf777bd93dda2

emprestimosim.com.br Open in urlscan Pro 52.151.244.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

182 Requests

89 %HTTPS

35 %IPv6

50 Domains

78 Subdomains

64 IPs

9 Countries

2636 kBTransfer

4543 kBSize

90 Cookies

14 Outgoing links

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

emprestimosim.com.br Open in urlscan Pro
52.151.244.28 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

89 %
HTTPS

35 %
IPv6

50
Domains

78
Subdomains

64
IPs

9
Countries

2636 kB
Transfer

4543 kB
Size

90
Cookies

182 HTTP transactions
9 data transactions