urlscan.io logo urlscan.io
SecurityTrails logo

www.portaldoemprestimo.com Open in urlscan Pro
2606:4700:3033::6815:3653  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.portaldoemprestimo.com/
Submission: On January 20 via api from BR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3033::6815:3653, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.portaldoemprestimo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 28th 2020. Valid for: a year.
This is the only time www.portaldoemprestimo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3033::6815:3653 (United States)

ASN13335 (CLOUDFLARENET, US)
www.portaldoemprestimo.com
22    35.190.84.143 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 143.84.190.35.bc.googleusercontent.com
cdn-5ab9d0c2f911c804c81e134b.closte.com
1    2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
4    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
1    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
13    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
22 cdn-5ab9d0c2f911c804c81e134b.closte.com www.portaldoemprestimo.com
ajax.cloudflare.com
cdn-5ab9d0c2f911c804c81e134b.closte.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 pagead2.googlesyndication.com www.portaldoemprestimo.com
pagead2.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com cdn-5ab9d0c2f911c804c81e134b.closte.com
1 cdn.ampproject.org ajax.cloudflare.com
1 www.googletagmanager.com www.portaldoemprestimo.com
1 ajax.cloudflare.com www.portaldoemprestimo.com
1 www.portaldoemprestimo.com
56 18

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-28 -
2021-07-28		 a year crt.sh
*.closte.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-30 -
2021-05-30		 a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.portaldoemprestimo.com/
Frame ID: C9E613831063C55A1CE0CF0A90899ED8
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/zrt_lookup.html
Frame ID: 8CBDB6AB459648E8B99D4FFFD9199D6D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&adk=1812271804&adf=3025194257&lmt=1611158571&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611158571257&bpp=14&bdt=1614&idt=361&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2889405848404&frm=20&pv=2&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=388
Frame ID: 589B41E984E610F1CFDCAD86281358B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=200&slotname=9237767449&adk=2143002931&adf=1025385610&pi=t.ma~as.9237767449&w=1160&fwrn=4&lmt=1611158571&rafmt=11&psa=0&format=1160x200&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&wgl=1&dt=1611158571274&bpp=6&bdt=1631&idt=399&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=220&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IGwjFeprK1&p=https%3A//www.portaldoemprestimo.com&dtd=415
Frame ID: 0E2B61E50F33E245762DA8580044255A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 34D909A888D2F70603685BF13BD07E9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.161032325~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=1200x280&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=2&bdt=2740&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k9hZhf2vUq&p=https%3A//www.portaldoemprestimo.com&dtd=14
Frame ID: CD785DCCE1193100A4C9BA30CAA90770
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=280&adk=3088186576&adf=3476139620&pi=t.aa~a.4013118026~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=1200x280&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2739&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=P0Z6NW3nt7&p=https%3A//www.portaldoemprestimo.com&dtd=19
Frame ID: BD6BEF85F2509DA086EF124788D87628
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=250&adk=233731399&adf=3114614330&pi=t.aa~a.343661432~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=357x250&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2739&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280%2C1200x280&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1019&ady=2918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=fAHggZGIBs&p=https%3A//www.portaldoemprestimo.com&dtd=86
Frame ID: 0C1AE403A7028482AC120332A859DD08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=50&adk=4264318083&adf=3321421769&pi=t.aa~a.2702046320~rp.3&w=397&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=397x50&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2740&idt=1&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280%2C1200x280%2C357x250&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MHJvQgi0Z5&p=https%3A//www.portaldoemprestimo.com&dtd=99
Frame ID: 75974B90F84FD4A039BCA136E5851D01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/zrt_lookup.html?fsb=1
Frame ID: 4BEFE588DC5E0CA4FDBE90856814C80D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

56
Requests

100 %
HTTPS

88 %
IPv6

14
Domains

18
Subdomains

16
IPs

3
Countries

532 kB
Transfer

1422 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.portaldoemprestimo.com/ 		87 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc5d39545e396435faf38fc5b2fda56a7aeff502bbf6441751146d77c55f973

Request headers

:method
GET
:authority
www.portaldoemprestimo.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:49 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db56371c2a3b7371bd0cba2195673c4d61611158568; expires=Fri, 19-Feb-21 16:02:48 GMT; path=/; domain=.portaldoemprestimo.com; HttpOnly; SameSite=Lax; Secure
link
<https://www.portaldoemprestimo.com/wp-json/>; rel="https://api.w.org/"
cache-control
public,s-maxage=30
x-cacheable
yes
x-litespeed-cache
hit
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
07c221d6df00001f4523161000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uPrWc4VhOfk8XQmEobrp5ZJ2si%2FbyEHELm4BSgly0u1F1fx92S9g3V1WKJ10pufnZzretlnKbsLekrxUyhqP5Rh710L6WrK9YaFKY4b8%2BNdzaeNvfEnQ3RkTr2pCe0keRQdpDBE6kw%3D%3D"}],"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
614a059e3b1d1f45-FRA
content-encoding
br
3b957.css
cdn-5ab9d0c2f911c804c81e134b.closte.com/min/ 		146 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/min/3b957.css
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
LiteSpeed /
Resource Hash
5c17347c0a4ad2f6947ba4cc26fc3dacffbb80519098e2089c8de30b27cd3668

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 12:29:46 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 06:51:46 GMT
server
LiteSpeed
age
12783
vary
Accept-Encoding
content-type
text/css
via
1.1 google
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
link
<https://www.portaldoemprestimo.com/min/3b957.css>; rel="canonical"
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27621
expires
Fri, 19 Feb 2021 12:29:46 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
07c221dacc000097847a039000000001
last-modified
Thu, 14 Jan 2021 19:13:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"600097d8-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CkMgP2gYhLRShoxdUNhXpjMHL1u17mVMEinDE%2FOyfpOOxkXPg2pGPqqrwu3RBOGcipDgpd3dBCC5bZO%2B614ST2HVg%2FtyVQHtDa7bXi9AIjMNkyFROjMRcEQVZgizOIqB"}]}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
614a05a47c029784-FRA
expires
Fri, 22 Jan 2021 16:02:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c685db1a28aa02aa1b43f51d4a85e823a140760be641d58559ee796a3739ff2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47567
x-xss-protection
0
server
cafe
etag
506700201699315331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Jan 2021 16:02:49 GMT
logo-pde.png
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/08/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/08/logo-pde.png
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
consulta-serasa-spc-333x332.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2009/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2009/05/consulta-serasa-spc-333x332.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
aymore-financiamentos-333x274.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2009/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2009/05/aymore-financiamentos-333x274.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Crefisa-Emprestimo-Negativado-333x343.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2009/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2009/05/Crefisa-Emprestimo-Negativado-333x343.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
tabela-fipe-1-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/05/tabela-fipe-1-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
cart%C3%A3o-americanas-1-e1524789962421-390x200.png
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/04/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/04/cart%C3%A3o-americanas-1-e1524789962421-390x200.png
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
cartao-credito-sem-anuidade-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/03/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/03/cartao-credito-sem-anuidade-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
consignacao-de-carro-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/05/consignacao-de-carro-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
comprar-carro-pela-internet-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/05/comprar-carro-pela-internet-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
vender-ou-trocar-com-divida-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/02/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/02/vender-ou-trocar-com-divida-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
comprar-carro-usado-financiado-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/03/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/03/comprar-carro-usado-financiado-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
parcelas-atrasadas-financiamento-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/03/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/03/parcelas-atrasadas-financiamento-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
devolver-carro-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/02/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/02/devolver-carro-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
site-sodexo-beneficios-cartoes-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/02/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2019/02/site-sodexo-beneficios-cartoes-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
diferenc%CC%A7a-ted-doc-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/01/diferenc%CC%A7a-ted-doc-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
financiamento-violao-guitarra-390x200.jpg
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/11/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/uploads/2018/11/financiamento-violao-guitarra-390x200.jpg
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-34956321-1
Requested by
Host: www.portaldoemprestimo.com
URL: https://www.portaldoemprestimo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e8d7e6e9242d7fc02a43d97174d72bdac2448aa3ed5f765d51ed80249b364cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38966
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jan 2021 16:02:49 GMT
webfontloader.min.js
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/plugins/litespeed-cache/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/plugins/litespeed-cache/js/webfontloader.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
LiteSpeed /
Resource Hash
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 12:29:47 GMT
content-encoding
br
last-modified
Sat, 30 Nov 2019 03:53:23 GMT
server
LiteSpeed
age
12783
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
link
<https://www.portaldoemprestimo.com/wp-content/plugins/litespeed-cache/js/webfontloader.min.js>; rel="canonical"
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4649
expires
Fri, 19 Feb 2021 12:29:47 GMT
c18fc.js
cdn-5ab9d0c2f911c804c81e134b.closte.com/min/ 		136 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/min/c18fc.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
LiteSpeed /
Resource Hash
f018c7f22f721f78861066f3076d8019395dd94d993680bb465fe5bdf5c70fab

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:10 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 06:54:24 GMT
server
LiteSpeed
age
39
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
link
<https://www.portaldoemprestimo.com/min/c18fc.js>; rel="canonical"
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33559
expires
Fri, 19 Feb 2021 16:02:10 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f670c8ae6541681ecc6012d4ce933238a1e831b5f32dc4ddda0ce235b797b70
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19678
x-xss-protection
0
server
sffe
date
Wed, 20 Jan 2021 16:02:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"4874403a9b76b236"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jan 2021 16:02:49 GMT
f514c.js
cdn-5ab9d0c2f911c804c81e134b.closte.com/min/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/min/f514c.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
LiteSpeed /
Resource Hash
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:10 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 06:51:46 GMT
server
LiteSpeed
age
39
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
link
<https://www.portaldoemprestimo.com/min/f514c.js>; rel="canonical"
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3787
expires
Fri, 19 Feb 2021 16:02:10 GMT
jquery.js
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-includes/js/jquery/jquery.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
LiteSpeed /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:10 GMT
content-encoding
br
last-modified
Wed, 15 Jan 2020 20:16:43 GMT
server
LiteSpeed
age
39
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
link
<https://www.portaldoemprestimo.com/wp-includes/js/jquery/jquery.js>; rel="canonical"
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32853
expires
Fri, 19 Feb 2021 16:02:10 GMT
fontawesome-webfont.woff2
cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/themes/wppde/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/themes/wppde/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn-5ab9d0c2f911c804c81e134b.closte.com
URL: https://cdn-5ab9d0c2f911c804c81e134b.closte.com/min/3b957.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.190.84.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.84.190.35.bc.googleusercontent.com
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://www.portaldoemprestimo.com
Referer
https://cdn-5ab9d0c2f911c804c81e134b.closte.com/min/3b957.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 14:27:09 GMT
via
1.1 google
last-modified
Fri, 31 Aug 2018 05:30:19 GMT
server
LiteSpeed
age
5741
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
link
<https://www.portaldoemprestimo.com/wp-content/themes/wppde/assets/fonts/fontawesome-webfont.woff2?v=4.7.0>; rel="canonical"
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77160
expires
Fri, 19 Feb 2021 14:27:09 GMT
css
fonts.googleapis.com/ 		5 KB
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CCatamaran:300%7CRoboto+Condensed:300&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Requested by
Host: cdn-5ab9d0c2f911c804c81e134b.closte.com
URL: https://cdn-5ab9d0c2f911c804c81e134b.closte.com/wp-content/plugins/litespeed-cache/js/webfontloader.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08d12d51292fe84955d1cee6c0f2d910dfee511e85de5a2d774682282776e10b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 16:02:50 GMT
server
ESF
date
Wed, 20 Jan 2021 16:02:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jan 2021 16:02:50 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CCatamaran:300%7CRoboto+Condensed:300&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.portaldoemprestimo.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CCatamaran:300%7CRoboto+Condensed:300&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 22:24:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:42 GMT
server
sffe
age
322685
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10968
x-xss-protection
0
expires
Sun, 16 Jan 2022 22:24:46 GMT
o-0bIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPCbd5a7dvXmnPy1tig.woff
fonts.gstatic.com/s/catamaran/v7/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/catamaran/v7/o-0bIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPCbd5a7dvXmnPy1tig.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CCatamaran:300%7CRoboto+Condensed:300&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee680776053989b78060e4333940c16c67ab1c24bbc068436628c7ec0e19923f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.portaldoemprestimo.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CCatamaran:300%7CRoboto+Condensed:300&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 00:15:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Jul 2020 02:03:15 GMT
server
sffe
age
143248
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10864
x-xss-protection
0
expires
Wed, 19 Jan 2022 00:15:23 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CCatamaran:300%7CRoboto+Condensed:300&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.portaldoemprestimo.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CCatamaran:300%7CRoboto+Condensed:300&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 20:16:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:35 GMT
server
sffe
age
416803
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11052
x-xss-protection
0
expires
Sat, 15 Jan 2022 20:16:08 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/ 		228 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61bef528f51b67951802ce74eedb99dda7b476671a1cacef80c4a8fe0a5633ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87099
x-xss-protection
0
server
cafe
etag
6583541633825610200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Jan 2021 16:02:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/ Frame 8CBD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210113/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 19 Jan 2021 22:05:07 GMT
expires
Tue, 02 Feb 2021 22:05:07 GMT
content-type
text/html; charset=UTF-8
etag
12197657918578843409
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
64664
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34956321-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2599
date
Wed, 20 Jan 2021 15:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 20 Jan 2021 17:19:32 GMT
collect
www.google-analytics.com/j/ 		2 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1653033011&t=pageview&_s=1&dl=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&ul=en-us&de=UTF-8&dt=Empr%C3%A9stimo%20Pessoal%20e%20Cr%C3%A9dito%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1449329882&gjid=346873408&cid=794105511.1611158572&tid=UA-34956321-1&_gid=1472245987.1611158572&_r=1&gtm=2ou161&z=293233192
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 16:02:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.portaldoemprestimo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		212 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.portaldoemprestimo.com&callback=_gfp_s_&client=ca-pub-3589584079460192
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
f3519e5ada99386d58fa616eb89c0d76bd89c66414e54a58f629a63ddfb0c143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.portaldoemprestimo.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jan 2021 16:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.portaldoemprestimo.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jan 2021 16:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&tn=DIV&cls=cookies-window%20cookies-banner%20cookies-type-info%20cookies-theme-block%20cookies-bottom%20cookies-color-override--1762072787%20&ign=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 16:02:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 589B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&adk=1812271804&adf=3025194257&lmt=1611158571&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611158571257&bpp=14&bdt=1614&idt=361&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2889405848404&frm=20&pv=2&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&adk=1812271804&adf=3025194257&lmt=1611158571&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611158571257&bpp=14&bdt=1614&idt=361&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2889405848404&frm=20&pv=2&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=388
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Jan 2021 16:02:52 GMT
server
cafe
content-length
39501
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Jan-2021 16:17:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Jan 2021 16:02:52 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210113&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88c690be24f893edb75545425c66d7ccfae5fb46a9960e844918356582cf226a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jan 2021 16:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6783
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76f7814d2699bc638cedc18dd13eae37e42640f29a5f95f2cf27c818b3df1aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1610973511495198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28295
x-xss-protection
0
expires
Wed, 20 Jan 2021 16:02:51 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34956321-1&cid=794105511.1611158572&jid=1449329882&gjid=346873408&_gid=1472245987.1611158572&_u=IEBAAUAAAAAAAC~&z=1005096690
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Jan 2021 16:02:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.portaldoemprestimo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1653033011&t=timing&_s=2&dl=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&ul=en-us&de=UTF-8&dt=Empr%C3%A9stimo%20Pessoal%20e%20Cr%C3%A9dito%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2545&pdt=207&dns=1&rrt=0&srt=639&tcp=21&dit=1234&clt=1248&_gst=2639&_gbt=2880&_cst=2632&_cbt=1431&_u=IEBAAUABAAAAAC~&jid=&gjid=&cid=794105511.1611158572&tid=UA-34956321-1&_gid=1472245987.1611158572&_slc=1&z=1077291410
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 16:02:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.portaldoemprestimo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0E2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=200&slotname=9237767449&adk=2143002931&adf=1025385610&pi=t.ma~as.9237767449&w=1160&fwrn=4&lmt=1611158571&rafmt=11&psa=0&format=1160x200&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&wgl=1&dt=1611158571274&bpp=6&bdt=1631&idt=399&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=220&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IGwjFeprK1&p=https%3A//www.portaldoemprestimo.com&dtd=415
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=200&slotname=9237767449&adk=2143002931&adf=1025385610&pi=t.ma~as.9237767449&w=1160&fwrn=4&lmt=1611158571&rafmt=11&psa=0&format=1160x200&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&wgl=1&dt=1611158571274&bpp=6&bdt=1631&idt=399&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=220&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IGwjFeprK1&p=https%3A//www.portaldoemprestimo.com&dtd=415
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Jan 2021 16:02:52 GMT
server
cafe
content-length
25419
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Jan-2021 16:17:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Jan 2021 16:02:52 GMT
cache-control
private
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34956321-1&cid=794105511.1611158572&jid=1449329882&_u=IEBAAUAAAAAAAC~&z=1848536194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 16:02:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34956321-1&cid=794105511.1611158572&jid=1449329882&_u=IEBAAUAAAAAAAC~&z=1848536194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 16:02:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Wed, 20 Jan 2021 16:02:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 34D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Wed, 20 Jan 2021 15:18:13 GMT
expires
Thu, 20 Jan 2022 15:18:13 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2678
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210113&jk=2400884785976140&bg=!MjGlMXLNAAUYkFXlGDsAKQB2-DxaPT0Ujt43g9FUdRsMM2LC1mgF2UbdfebVP8jFB5-yX4GAm-KiAgAAARBSAAAAN2gBBwoA6OmufEi8WdDwexa6XemVnS5dyjmWmQZb2jSimpR6-ApKuNRviF-I1jP-liDNYVIMnhtho6E1WQBTD8SyfAEfLWKrOpJrXtdOMgR6IbZN0GI_hnblL5WCtpleIDGc3pytAnzmAcquIkVeM37e2B0YcO6zs1T2ApbaNuVwGg81r7ttedryjOCuicQ8kzn0aYUxd2xYLArT1baZvsRX1epdrmxyhLZhXh-t-2iN5E8zI49sGEXrTikghP6fcvrTFN4BA8U4TRxZatxxuIXfRucLw7bRy1aNyQVA2vjnm-UdbjNVSrniOcD9nwaZAeWPUxj3a1_yPQOtKh6YtlHNveoOR7Ma1NXb8QmVnDCgjxttWhRNfskXC3ia22xCgWE1rSGv0MR3zkl6uuSrgpFY7iKnIZe6BZh1UHsyiE06DJSBPL4I1ACSuwMALFAncug7n2wem7UUBOGech5e7RaGHycQwDIzensprITS4Q-udisUjfrZF9XeMDzPgqIyBqWJFv-gayf2VJZA1I6HhEjuSY_YrW65LQAq00Esf28El_9g44AjkpQGKTTbjE9o0ATPUIeboL6F9Pnmn0qAxdWKfas9Z0wHYm2T-ydcVG8-lvkxIKUzI_sCjcGiFneliGRmfgwgUlWrVMYwGOJYfzn8_qNmWIrLHRzVBDNE_WKegP6xZwClcblpO-xJ5yGBlZoYNvqUk8rnvaMN693p5PMq-neHAPkt_XJDlsyYwJ5UHjElsfylThh8xtf1EUq1n7VN8R_lFW2TJ9jrMZLc29_u_X5gIa1AELS6Imir0GssfFvPdhIyLVXIFdRPhW1fjSS8m_xFHIMZr8fYhhR--5mwOuZMKEg8HkC2Qo88bDJ-W9g6cguZEi-OQs8sL28HJ6pe6ojztLxrb81GjD6phbKPUFy_EjV-uGB_mMqXmagAs3FAt9-C6UoiTNKtgbGSGvmhPumXIQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 16:02:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/ 		142 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
212ec18aaef0eddb381b124114799910d9920c8bf704e7350681b858695b29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.portaldoemprestimo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 16:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
52197
x-xss-protection
0
server
cafe
etag
5357816700311629216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Jan 2021 16:02:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CD78 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.161032325~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=1200x280&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=2&bdt=2740&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k9hZhf2vUq&p=https%3A//www.portaldoemprestimo.com&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.161032325~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=1200x280&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=2&bdt=2740&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=k9hZhf2vUq&p=https%3A//www.portaldoemprestimo.com&dtd=14
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnlzQYQklgd42Jg5qxu9lVxJwouqX_bh4WwMktAwMFZuWDFvftKTjdND1C-CIA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Jan 2021 16:02:52 GMT
server
cafe
content-length
24974
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Jan 2021 16:02:52 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BD6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=280&adk=3088186576&adf=3476139620&pi=t.aa~a.4013118026~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=1200x280&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2739&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=P0Z6NW3nt7&p=https%3A//www.portaldoemprestimo.com&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=280&adk=3088186576&adf=3476139620&pi=t.aa~a.4013118026~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=1200x280&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2739&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=P0Z6NW3nt7&p=https%3A//www.portaldoemprestimo.com&dtd=19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnlzQYQklgd42Jg5qxu9lVxJwouqX_bh4WwMktAwMFZuWDFvftKTjdND1C-CIA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Jan 2021 16:02:52 GMT
server
cafe
content-length
22352
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Jan 2021 16:02:52 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0C1A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=250&adk=233731399&adf=3114614330&pi=t.aa~a.343661432~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=357x250&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2739&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280%2C1200x280&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1019&ady=2918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=fAHggZGIBs&p=https%3A//www.portaldoemprestimo.com&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/279090813633330066/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/279090813633330066/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJSClLPxqu4CFVQC-QAdxc8OCQ&gqi=LFQIYNHQIYqRngXi9pGgAQ&layout=/sadbundle/%24csp%253Der3%24/279090813633330066/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=250&adk=233731399&adf=3114614330&pi=t.aa~a.343661432~rp.4&w=357&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=357x250&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2739&idt=-M&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280%2C1200x280&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1019&ady=2918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=fAHggZGIBs&p=https%3A//www.portaldoemprestimo.com&dtd=86
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnlzQYQklgd42Jg5qxu9lVxJwouqX_bh4WwMktAwMFZuWDFvftKTjdND1C-CIA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/279090813633330066/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/279090813633330066/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJSClLPxqu4CFVQC-QAdxc8OCQ&gqi=LFQIYNHQIYqRngXi9pGgAQ&layout=/sadbundle/%24csp%253Der3%24/279090813633330066/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Jan 2021 16:02:52 GMT
server
cafe
content-length
37383
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Jan 2021 16:02:52 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 7597 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=50&adk=4264318083&adf=3321421769&pi=t.aa~a.2702046320~rp.3&w=397&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=397x50&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2740&idt=1&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280%2C1200x280%2C357x250&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MHJvQgi0Z5&p=https%3A//www.portaldoemprestimo.com&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4967598915021808933/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4967598915021808933/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNTOlLPxqu4CFeQS-QAdEr4Fxw&gqi=LFQIYM6tItOligO15oKoDg&layout=/sadbundle/%24csp%253Der3%24/4967598915021808933/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3589584079460192&output=html&h=50&adk=4264318083&adf=3321421769&pi=t.aa~a.2702046320~rp.3&w=397&fwrn=4&fwrnh=100&lmt=1611158572&rafmt=1&to=qs&pwprc=5263275146&psa=0&format=397x50&url=https%3A%2F%2Fwww.portaldoemprestimo.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611158572383&bpp=1&bdt=2740&idt=1&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4fbecae68a5ecc5-220bfdf8a8a6001e%3AT%3D1611158571%3ART%3D1611158571%3AS%3DALNI_MZKh8Vssvgb3Ye07NwQWKqyGbEgrg&prev_fmts=0x0%2C1160x200%2C1200x280%2C1200x280%2C357x250&nras=1&correlator=2889405848404&frm=20&pv=1&ga_vid=794105511.1611158572&ga_sid=1611158572&ga_hid=1653033011&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=601&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430%2C21068083%2C21068495%2C21068769%2C21069109&oid=3&pvsid=2400884785976140&pem=41&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MHJvQgi0Z5&p=https%3A//www.portaldoemprestimo.com&dtd=99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnlzQYQklgd42Jg5qxu9lVxJwouqX_bh4WwMktAwMFZuWDFvftKTjdND1C-CIA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4967598915021808933/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4967598915021808933/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNTOlLPxqu4CFeQS-QAdEr4Fxw&gqi=LFQIYM6tItOligO15oKoDg&layout=/sadbundle/%24csp%253Der3%24/4967598915021808933/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Jan 2021 16:02:53 GMT
server
cafe
content-length
37387
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Jan 2021 16:02:53 GMT
cache-control
private
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/ Frame 4BEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210113/r20190131/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portaldoemprestimo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.portaldoemprestimo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 20 Jan 2021 05:00:25 GMT
expires
Wed, 03 Feb 2021 05:00:25 GMT
content-type
text/html; charset=UTF-8
etag
12197657918578843409
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
39747
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| WebFontConfig object| __cfQR object| google_tag_manager object| dataLayer object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| WebFont undefined| $ function| jQuery function| loadCSS boolean| trackScrolling boolean| trackScrollingPercentage number| ScrollingPercentageNumber number| stLogInterval number| cutOffTime boolean| trackNoEvents boolean| trackNoMaxTime object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map number| google_lpabyc number| google_unique_id function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| tocplus boolean| __cfRLUnblockHandlers object| AMP object| _gaq object| stFailbackDefaults number| stIntervalObj boolean| EventNONInteraction object| Frequency object| Repentance function| TrackingLogTime function| stInitializeControlVars undefined| ScrollMatrix function| startTimeTracking function| fbuilderjQuery object| jQuery112406723976805983918 object| cookieconsent number| total_time object| wp object| CF_LOGICAL function| prec function| PREC function| cdate function| CDATE function| gcd function| GCD function| logab function| LOGAB number| LN10 number| PI number| E number| LOG10E number| SQRT2 number| LOG2E number| SQRT1_2 number| LN2 function| COS function| cos function| POW function| pow function| LOG function| log function| TAN function| tan function| SQRT function| sqrt function| CEIL function| ceil function| ASIN function| asin function| ABS function| abs function| MAX function| max function| EXP function| exp function| ATAN2 function| atan2 function| RANDOM function| random function| ROUND function| round function| FLOOR function| floor function| ACOS function| acos function| ATAN function| atan function| MIN function| min function| SIN function| sin string| method function| cf_logical_version function| IF function| AND function| OR function| NOT function| IN function| _validate_result function| _calculate function| _checkValueThrowingEquation object| hash object| qs object| pathname object| hostname string| docTitle object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_llp

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn-5ab9d0c2f911c804c81e134b.closte.com/min/f514c.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
cdn-5ab9d0c2f911c804c81e134b.closte.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.portaldoemprestimo.com
142.250.74.194
2606:4700:3033::6815:3653
2606:4700::6810:a823
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:814::2002
2a00:1450:4001:815::200e
2a00:1450:4001:818::2008
2a00:1450:4001:819::2002
2a00:1450:4001:825::2001
2a00:1450:400c:c08::9c
35.190.84.143
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08d12d51292fe84955d1cee6c0f2d910dfee511e85de5a2d774682282776e10b
0e8d7e6e9242d7fc02a43d97174d72bdac2448aa3ed5f765d51ed80249b364cc
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
212ec18aaef0eddb381b124114799910d9920c8bf704e7350681b858695b29ab
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
5c17347c0a4ad2f6947ba4cc26fc3dacffbb80519098e2089c8de30b27cd3668
61bef528f51b67951802ce74eedb99dda7b476671a1cacef80c4a8fe0a5633ec
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
6f670c8ae6541681ecc6012d4ce933238a1e831b5f32dc4ddda0ce235b797b70
76f7814d2699bc638cedc18dd13eae37e42640f29a5f95f2cf27c818b3df1aa1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88c690be24f893edb75545425c66d7ccfae5fb46a9960e844918356582cf226a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bcc5d39545e396435faf38fc5b2fda56a7aeff502bbf6441751146d77c55f973
c685db1a28aa02aa1b43f51d4a85e823a140760be641d58559ee796a3739ff2b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ee680776053989b78060e4333940c16c67ab1c24bbc068436628c7ec0e19923f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f018c7f22f721f78861066f3076d8019395dd94d993680bb465fe5bdf5c70fab
f3519e5ada99386d58fa616eb89c0d76bd89c66414e54a58f629a63ddfb0c143