plantaocredito.xyz Open in urlscan Pro
143.198.150.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://plantaocredito.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwbGFudGFvY3JlZGl0by54eXolMkZjYXRlZ29yeSUyRmNhcn...
Effective URL:
https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Submission: On August 11 via manual (August 11th 2021, 11:51:55 am UTC) from BR

Summary HTTP 143 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 19 domains to perform 143 HTTP transactions. The main IP is 143.198.150.47, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is plantaocredito.xyz.
TLS certificate: Issued by R3 on July 26th 2021. Valid for: 3 months.

This is the only time plantaocredito.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.159.158.48 54.159.158.48	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6811:586d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	143.198.150.47 143.198.150.47	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:45b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	52.204.196.81 52.204.196.81	14618 (AMAZON-AES) (AMAZON-AES)
32	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
143	29

1 54.159.158.48 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-158-48.compute-1.amazonaws.com

plantaocredito.lt.acemlnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:586d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

plantaocredito.activehosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 143.198.150.47 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

plantaocredito.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:45b7 (United States)

ASN13335 (CLOUDFLARENET, US)

script.joinads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.196.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-196-81.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com tpc.googlesyndication.com	624 KB
35	plantaocredito.xyz plantaocredito.xyz	572 KB
17	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net googleads4.g.doubleclick.net	201 KB
11	ampproject.org cdn.ampproject.org	218 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	243 KB
7	google.com 1 redirects adservice.google.com www.google.com	1 KB
2	app-us1.com diffuser-cdn.app-us1.com prism.app-us1.com	6 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.de adservice.google.de	287 B
2	google-analytics.com www.google-analytics.com	19 KB
2	joinads.me script.joinads.me	2 KB
1	2mdn.net s0.2mdn.net	58 KB
1	trackcmp.net trackcmp.net	271 B
1	google.se adservice.google.se	853 B
1	googleadservices.com partner.googleadservices.com	663 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	activehosted.com 1 redirects plantaocredito.activehosted.com	691 B
1	acemlnb.com 1 redirects plantaocredito.lt.acemlnb.com	244 B
143	19

	Domain	Requested by
35	plantaocredito.xyz	plantaocredito.xyz
32	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com plantaocredito.xyz googleads.g.doubleclick.net cdn.ampproject.org securepubads.g.doubleclick.net
14	pagead2.googlesyndication.com	plantaocredito.xyz pagead2.googlesyndication.com 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net
8	securepubads.g.doubleclick.net	plantaocredito.xyz securepubads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com plantaocredito.xyz
5	www.gstatic.com	script.joinads.me
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	1 redirects tpc.googlesyndication.com plantaocredito.xyz
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	script.joinads.me	plantaocredito.xyz script.joinads.me
1	s0.2mdn.net	googleads.g.doubleclick.net
1	trackcmp.net	diffuser-cdn.app-us1.com
1	adservice.google.se	securepubads.g.doubleclick.net
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	plantaocredito.xyz
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	plantaocredito.xyz
1	fonts.googleapis.com	plantaocredito.xyz
1	plantaocredito.activehosted.com	1 redirects
1	plantaocredito.lt.acemlnb.com	1 redirects
143	27

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
plantaocredito.xyz R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.joinads.me R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-15` - `2022-07-14`	a year	crt.sh
*.google.se GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.trackcmp.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Frame ID: 73C6AF45A007B31486CFFAA5D207E528
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 1E70A6D3268D086896FA8A2516BFEE7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&adk=1812271804&adf=3025194257&lmt=1628682696&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F%3Fvgo_ee%3DgfImFm6A1tfa%252Fw5odir%252FckzkASpiHornD%252Fz2wZTd1jg%253D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628682696227&bpp=3&bdt=1073&idt=73&shv=r20210809&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6631265182171&frm=20&pv=2&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739547%2C42530671%2C20211866&oid=3&pvsid=2185988261639846&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92
Frame ID: AFE9F24CBBC68A28954FE5082174F25F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=2347765671&pi=t.ma~as.4678813439&w=728&lmt=1628682697&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F%3Fvgo_ee%3DgfImFm6A1tfa%252Fw5odir%252FckzkASpiHornD%252Fz2wZTd1jg%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628682697163&bpp=2&bdt=2009&idt=2&shv=r20210809&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97c03a6eb0cc0ed0-225467c59ec90037%3AT%3D1628682696%3ART%3D1628682696%3AS%3DALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg&prev_fmts=0x0&nras=1&correlator=6631265182171&frm=20&pv=1&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739547%2C42530671%2C20211866&oid=3&pvsid=2185988261639846&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Fzxw8vSHIy&p=https%3A//plantaocredito.xyz&dtd=9
Frame ID: FAF9D51D8B3A30BAE8C80EA6B190F6F8
Requests: 1 HTTP requests in this frame

Frame: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 918F66FA4F97D12D0C3FE3443CA02BAD
Requests: 1 HTTP requests in this frame

Frame: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 317B4B7D4A20D861711BDE857DF65110
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AE009A74B91CA31052E40CBB9E87C590
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 406A31C7A6D97A50A14E7AB478AEB854
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNuAgAEQgprM9AEY-cDlrAEwAQ&v=APEucNVxfLG0lgh8QfZp94bSvidMngm3Tx2L-RvYLdKdDb0nKtKDc6ZyNozIFvK_OeYzFoHFmzZqBx6wCSvxYy-nRqAB3b5EYQ
Frame ID: A3AC01247CEDE44F55EC40350DD3B3AC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: CDB7D2CA1D79EAC8205238C1E20E044B
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D7DB7DB317EF9C9885BB0F3A6596E19C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: B0A62A1DD2A2EE592A2261765370D09F
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://plantaocredito.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwbGFudGFvY3JlZGl0by54eXolMk... HTTP 302
https://plantaocredito.activehosted.com/lt.php?s=66d09e1b7c65fbaf4657f1310a7189bc&i=104A112A4A328 HTTP 302
https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHor... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

143
Requests

100 %
HTTPS

80 %
IPv6

19
Domains

27
Subdomains

29
IPs

3
Countries

2053 kB
Transfer

4200 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Um comentarista do WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://plantaocredito.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwbGFudGFvY3JlZGl0by54eXolMkZjYXRlZ29yeSUyRmNhcnRhby1kZS1jcmVkaXRvJTJGY2FpeGElMkY=&a=26974550&account=plantaocredito%2Eactivehosted%2Ecom&email=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D&s=66d09e1b7c65fbaf4657f1310a7189bc&i=104A112A4A328 HTTP 302
https://plantaocredito.activehosted.com/lt.php?s=66d09e1b7c65fbaf4657f1310a7189bc&i=104A112A4A328 HTTP 302
https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

143 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
plantaocredito.xyz/category/cartao-de-credito/caixa/
Redirect Chain

https://plantaocredito.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwbGFudGFvY3JlZGl0by54eXolMkZjYXRlZ29yeSUyRmNhcnRhby1kZS1jcmVkaXRvJTJGY2FpeGElMkY=&a=26974550&account=plantaocr...
https://plantaocredito.activehosted.com/lt.php?s=66d09e1b7c65fbaf4657f1310a7189bc&i=104A112A4A328
https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D

78 KB
24 KB

970ms
553ms

Document
text/html

143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 59cf710a53864599c1ae08d5f67388dbaf3375bbc802fd5ff7e260b13cc069a6

Request headers

Host: plantaocredito.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 11 Aug 2021 11:51:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://plantaocredito.xyz/wp-json/>; rel="https://api.w.org/" <https://plantaocredito.xyz/wp-json/wp/v2/categories/10>; rel="alternate"; type="application/json"
Content-Encoding: gzip

Redirect headers

date: Wed, 11 Aug 2021 11:51:34 GMT
content-type: text/html; charset=UTF-8
content-length: 0
set-cookie: PHPSESSID=e4a30c919d309598a504f0a97f1ae280; path=/; secure; HttpOnly em_acp_globalauth_cookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.plantaocredito.activehosted.com em_acp_globalauth_cookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.plantaocredito.activehosted.com em_acp_globalauth_cookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.plantaocredito.activehosted.com em_acp_globalauth_cookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.plantaocredito.activehosted.com cmp26974550=94c3d56361d9895afbb8f896106939e4; expires=Fri, 10-Sep-2021 11:51:33 GMT; Max-Age=2592000; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-request-id: 418a680bda8660f680938d2ea5acb183
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
location: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67d140b3e9f86455-FRA

GET
H/1.1 200
OK all-light.min.css
plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/ 191 KB
191 KB 210ms
208ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/all-light.min.css?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: edb9155737a1151ce1c8b5aeb936d79cb06d1ae7ec19c3c0e78a8cf5330f6ba3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:35 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-2fbf1"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195569
Expires: Sat, 06 Aug 2022 11:51:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 21ms
19ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b51a11833f3d89222a52178a0ae2cc431cec38c50fdd2bebfae3347ef93e2bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 11:39:12 GMT
server: ESF
date: Wed, 11 Aug 2021 11:51:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 11:51:35 GMT

GET
H/1.1 200
OK dynamic-style-1626898302.css
plantaocredito.xyz/wp-content/uploads/sites/6/ 11 KB
12 KB 589ms
196ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/dynamic-style-1626898302.css
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d41bf65826c3499d81d6043ce04a5522bb038504230bb231254e72ae6991a23e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:35 GMT
Last-Modified: Wed, 21 Jul 2021 20:11:42 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f87f7e-2d60"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11616
Expires: Sat, 06 Aug 2022 11:51:35 GMT

GET
H/1.1 200
OK mashshare-light.min.css
plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/ 8 KB
8 KB 588ms
195ms Stylesheet
text/css 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/styles/original/mashshare-light.min.css?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e50bb464e8257ff1391db4b7a9fec036fc876ad95b0a72f8b0f4bd7b5997a0a6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:35 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1f96"
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8086
Expires: Sat, 06 Aug 2022 11:51:35 GMT

GET
H/1.1 200
OK jquery.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ 87 KB
88 KB 755ms
362ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:35 GMT
Last-Modified: Tue, 20 Jul 2021 17:40:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f70aa7-15db1"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89521
Expires: Sat, 06 Aug 2022 11:51:35 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ 11 KB
11 KB 591ms
198ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:35 GMT
Last-Modified: Thu, 19 Nov 2020 09:31:13 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5fb63b61-2bd8"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11224
Expires: Sat, 06 Aug 2022 11:51:35 GMT

GET
H/1.1 200
OK modernizr-custom.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/modernizr/ 7 KB
7 KB 590ms
196ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:35 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1b70"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7024
Expires: Sat, 06 Aug 2022 11:51:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 209ms
77ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5955b5d214da06e951b8fd2a8f1349233f1cb031423bcc92c68f6c50803ccc67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "955 / 933 of 1000 / last-modified: 1628680311"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25134
x-xss-protection: 0
expires: Wed, 11 Aug 2021 11:51:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076a785b6dd29fc4b49d3eb9217920a29bd089f38718e8f1b6e8ba8c881e53bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 4898024456010196187
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 11:51:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-201994943-1

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb10e4b37018b991e6cf5269e79ad87df66b91d53cbfe8f818e338b4feb1cab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41009
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Aug 2021 11:51:36 GMT

GET
H2 200 push-notification.js Show response
script.joinads.me/ 1 KB
867 B 61ms
26ms Script
application/javascript 2606:4700:20::ac43:45b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/push-notification.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39d0fd9943a1069718bb60c51587b8a2b7711d562766565fafd8ac6050e44cdb

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55704
cf-polished: origSize=1350
cf-bgj: minify
last-modified: Thu, 01 Apr 2021 12:59:38 GMT
server: cloudflare
etag: W/"6065c3ba-546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qcc%2FPyTq3D%2FlpijqJo9ME89AeMcFcHYCPNwAGQwfeRXBMw07xfG3HNwahqN3Lg%2FzY6NjkJwkEHnhjuC0ynCFbOSKJJmtLLAq%2BgZ4PMxr0Bq6dMcY7Ayn4VUI%2B3wUtvRRFAbOFSdH4%2F9MhwU9na8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 67d140bcfe934aa3-FRA
expires: Fri, 05 Aug 2022 20:23:11 GMT

GET
H/1.1 200
OK logo_200x200-e1625604984706.png
plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/ 4 KB
4 KB 309ms
196ms Image
image/png 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/logo_200x200-e1625604984706.png
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 346581ef7ce7844f5261e68e1ead8e083205d05bf3014416906417a9075eec68

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Tue, 06 Jul 2021 20:56:24 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60e4c378-e8c"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3724
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK stickyfill.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/stickyfill/ 6 KB
6 KB 200ms
199ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=2.0.3
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:35 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1893"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6291
Expires: Sat, 06 Aug 2022 11:51:35 GMT

GET
H/1.1 200
OK placeholders.jquery.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/jquery.placeholder/ 5 KB
6 KB 199ms
199ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1555"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5461
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK jquery.timeago.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/jquery.timeago/ 7 KB
7 KB 198ms
198ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/jquery.timeago/jquery.timeago.js?ver=1.5.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1c47"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7239
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK jquery.timeago.pt-br.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/jquery.timeago/locales/ 398 B
731 B 200ms
197ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/jquery.timeago/locales/jquery.timeago.pt-br.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3626069ffcb1718117bbccd3d9c1f487edeb9498ec20f162162b4cb111815d8a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-18e"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK matchmedia.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/matchmedia/ 2 KB
2 KB 200ms
196ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/matchmedia/matchmedia.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-6a4"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1700
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK matchmedia.addlistener.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/matchmedia/ 3 KB
3 KB 200ms
196ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-b00"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2816
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK picturefill.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/picturefill/ 8 KB
8 KB 201ms
198ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-1e1b"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7707
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK jquery.waypoints.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/jquery.waypoints/ 9 KB
9 KB 199ms
198ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-2281"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8833
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK enquire.min.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/enquire/ 2 KB
3 KB 197ms
196ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-8ce"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2254
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK global.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/ 44 KB
44 KB 207ms
207ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/global.js?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d3cc6b0b74b949fa886fabe7bde4f82927ad4b18fe22eac02d1b45c848d88280

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-af01"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44801
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK core.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ui/ 20 KB
21 KB 202ms
201ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 15 Apr 2021 05:45:32 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6077d2fc-5133"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20787
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK menu.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ui/ 9 KB
10 KB 203ms
203ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/ui/menu.min.js?ver=1.12.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 15 Apr 2021 05:45:32 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6077d2fc-253b"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9531
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/vendor/ 6 KB
7 KB 200ms
200ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Tue, 20 Jul 2021 17:40:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f70aa7-1906"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6406
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/vendor/ 16 KB
16 KB 199ms
199ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Tue, 20 Jul 2021 17:40:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f70aa7-4056"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16470
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK dom-ready.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/ 1 KB
2 KB 196ms
196ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Tue, 20 Jul 2021 17:40:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f70aa7-4e9"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1257
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK hooks.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/ 5 KB
6 KB 198ms
198ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Tue, 20 Jul 2021 17:40:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f70aa7-1540"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5440
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK i18n.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/ 10 KB
10 KB 202ms
202ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Tue, 20 Jul 2021 17:40:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f70aa7-268a"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9866
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK a11y.min.js Show response
plantaocredito.xyz/wp-includes/js/dist/ 3 KB
3 KB 197ms
197ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Tue, 20 Jul 2021 17:40:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f70aa7-bc1"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3009
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK autocomplete.min.js Show response
plantaocredito.xyz/wp-includes/js/jquery/ui/ 8 KB
9 KB 201ms
201ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.12.1
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 04 Feb 2021 06:36:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "601b9604-215b"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8539
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK ajax-search.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/ 2 KB
2 KB 196ms
196ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/ajax-search.js?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 14d1267c9cf8d49aa00a026da9641071d586f1d65b78944b1430a09bb46a1f3d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-80f"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2063
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
plantaocredito.xyz/wp-includes/js/ 1 KB
2 KB 196ms
195ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 04 Feb 2021 06:36:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "601b9604-592"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1426
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK archive-filters.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/ 517 B
850 B 196ms
196ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/archive-filters.js?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a8e74586981d9c560c80df04ea96f44ec6a28f816b3fa74d32d762f676580ce3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:37 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-205"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 517
Expires: Sat, 06 Aug 2022 11:51:37 GMT

GET
H/1.1 200
OK back-to-top.js Show response
plantaocredito.xyz/wp-content/themes/bimber/js/ 1 KB
2 KB 197ms
197ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/js/back-to-top.js?ver=8.1.2
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b044d89f7a88e52da5ba2345438abc81c7fdf33eefbdb8e458bd5ce102bbba7c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:37 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-5d5"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1493
Expires: Sat, 06 Aug 2022 11:51:37 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
plantaocredito.xyz/wp-includes/js/ 18 KB
18 KB 206ms
206ms Script
application/javascript 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Cookie: _ga=GA1.2.1055100576.1628682696; _gid=GA1.2.1677589216.1628682696; _gat_gtag_UA_201994943_1=1; __gads=ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:37 GMT
Last-Modified: Tue, 20 Jul 2021 17:40:55 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f70aa7-4705"
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18181
Expires: Sat, 06 Aug 2022 11:51:37 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://plantaocredito.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 19:08:26 GMT
x-content-type-options: nosniff
age: 146590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 19:08:26 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://plantaocredito.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 22:05:46 GMT
x-content-type-options: nosniff
age: 135950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 22:05:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://plantaocredito.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 149112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 18:26:24 GMT

GET
H/1.1 200
OK bimber.woff
plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/bimber/fonts/ 10 KB
10 KB 216ms
202ms Font
application/font-woff 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plantaocredito.xyz/wp-content/themes/bimber/css/8.1.2/bimber/fonts/bimber.woff
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ac7f11986f311aec18f6e8346a0c2448ed4a523a16761ecd652a9707792282fa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://plantaocredito.xyz
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Origin: https://plantaocredito.xyz
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Thu, 24 Jun 2021 17:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60d4c2e8-281c"
Content-Type: application/font-woff
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10268
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://plantaocredito.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 09:27:55 GMT
x-content-type-options: nosniff
age: 95021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 09:27:55 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=8.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://plantaocredito.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 07:49:38 GMT
x-content-type-options: nosniff
age: 532918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 07:49:38 GMT

GET
H/1.1 200
OK Cartao-de-Credito-para-Negativados-Caixa-364x205.jpg
plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/ 16 KB
17 KB 473ms
361ms Image
image/jpeg 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/Cartao-de-Credito-para-Negativados-Caixa-364x205.jpg
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 07bcd4ad0fc223a609d939f5abc5d9468b4f0d0990191ce6310ecb82db8dd42c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Mon, 19 Jul 2021 23:19:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f6088a-41c7"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16839
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H/1.1 200
OK logo_200x200-e1625604984706-1.png
plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/ 4 KB
4 KB 310ms
197ms Image
image/png 143.198.150.47
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plantaocredito.xyz/wp-content/uploads/sites/6/2021/07/logo_200x200-e1625604984706-1.png
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.198.150.47 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 346581ef7ce7844f5261e68e1ead8e083205d05bf3014416906417a9075eec68

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plantaocredito.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Connection: keep-alive
Referer: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 11:51:36 GMT
Last-Modified: Wed, 21 Jul 2021 20:00:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60f87cd1-e8c"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3724
Expires: Sat, 06 Aug 2022 11:51:36 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/ 252 KB
93 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8519566401851236&plah=plantaocredito.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccbe74ab35866ac75cc213314e88d49fc62bc786baeab7006548e4ca5cba5430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95614
x-xss-protection: 0
server: cafe
etag: 15162135846718443553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 11:51:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 1E70 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://plantaocredito.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://plantaocredito.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 10 Aug 2021 22:05:12 GMT
expires: Tue, 24 Aug 2021 22:05:12 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 49584
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-201994943-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2275
date: Wed, 11 Aug 2021 11:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 11 Aug 2021 13:13:41 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1029739457&t=pageview&_s=1&dl=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F%3Fvgo_ee%3DgfImFm6A1tfa%252Fw5odir%252FckzkASpiHornD%252Fz2wZTd1jg%253D&ul=en-us&de=UTF-8&dt=Arquivos%20Caixa%20-%20Plant%C3%A3o%20Cr%C3%A9dito&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=267619514&gjid=1529545427&cid=1055100576.1628682696&tid=UA-201994943-1&_gid=1677589216.1628682696&_r=1&gtm=2ou891&z=1475864272

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:51:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plantaocredito.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
663 B 213ms
83ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=plantaocredito.xyz&callback=_gfp_s_&client=ca-pub-8519566401851236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8519566401851236&plah=plantaocredito.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f267376edea68ba2dc4c5aeac95020c5bc247e7cb71be9fc983caee054e38c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFE9 0
19 B 88ms
86ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&adk=1812271804&adf=3025194257&lmt=1628682696&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F%3Fvgo_ee%3DgfImFm6A1tfa%252Fw5odir%252FckzkASpiHornD%252Fz2wZTd1jg%253D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628682696227&bpp=3&bdt=1073&idt=73&shv=r20210809&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6631265182171&frm=20&pv=2&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739547%2C42530671%2C20211866&oid=3&pvsid=2185988261639846&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8519566401851236&output=html&adk=1812271804&adf=3025194257&lmt=1628682696&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F%3Fvgo_ee%3DgfImFm6A1tfa%252Fw5odir%252FckzkASpiHornD%252Fz2wZTd1jg%253D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628682696227&bpp=3&bdt=1073&idt=73&shv=r20210809&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6631265182171&frm=20&pv=2&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739547%2C42530671%2C20211866&oid=3&pvsid=2185988261639846&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://plantaocredito.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://plantaocredito.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 11 Aug 2021 11:51:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Aug-2021 12:06:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Aug 2021 11:51:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Wed, 11 Aug 2021 11:51:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-201994943-1&cid=1055100576.1628682696&jid=267619514&gjid=1529545427&_gid=1677589216.1628682696&_u=YEBAAUAAAAAAAC~&z=1560187920

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Aug 2021 11:51:36 GMT
content-type: text/plain
access-control-allow-origin: https://plantaocredito.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021080501.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
114 KB 788ms
787ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 08:37:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116820
x-xss-protection: 0
expires: Wed, 11 Aug 2021 11:51:37 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
114 B 78ms
78ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=plantaocredito.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

21d2f5dffdff788f23ef5781f9088fd4d1429a8437ea12b951b8a584e466464b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Wed, 11 Aug 2021 11:51:36 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 44ms
20ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 118
x-cache: Hit from cloudfront
last-modified: Mon, 22 Feb 2021 18:41:52 GMT
server: cloudflare
etag: W/"1e16152334c325a4abb81f1a8ee52e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 95c9d51ed7176777d7ac8ca8cb233697.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: VIE50-C2
cf-ray: 67d140c92ac1c2a9-FRA
x-amz-cf-id: xw7uoISyHdF1tjzcvvt7rOztpwCypfdaa5iBJiZNDwFLN_6DG34EoQ==

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8519566401851236

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076a785b6dd29fc4b49d3eb9217920a29bd089f38718e8f1b6e8ba8c881e53bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 4898024456010196187
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 11:51:37 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAF9 436 B
236 B 128ms
128ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=2347765671&pi=t.ma~as.4678813439&w=728&lmt=1628682697&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F%3Fvgo_ee%3DgfImFm6A1tfa%252Fw5odir%252FckzkASpiHornD%252Fz2wZTd1jg%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628682697163&bpp=2&bdt=2009&idt=2&shv=r20210809&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97c03a6eb0cc0ed0-225467c59ec90037%3AT%3D1628682696%3ART%3D1628682696%3AS%3DALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg&prev_fmts=0x0&nras=1&correlator=6631265182171&frm=20&pv=1&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739547%2C42530671%2C20211866&oid=3&pvsid=2185988261639846&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Fzxw8vSHIy&p=https%3A//plantaocredito.xyz&dtd=9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9f3d7ef28aab32f37146569e740c3d415d51a07b7a2bd791388e0237c4bc2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8519566401851236&output=html&h=90&slotname=4678813439&adk=2645007159&adf=2347765671&pi=t.ma~as.4678813439&w=728&lmt=1628682697&psa=0&format=728x90&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F%3Fvgo_ee%3DgfImFm6A1tfa%252Fw5odir%252FckzkASpiHornD%252Fz2wZTd1jg%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628682697163&bpp=2&bdt=2009&idt=2&shv=r20210809&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97c03a6eb0cc0ed0-225467c59ec90037%3AT%3D1628682696%3ART%3D1628682696%3AS%3DALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg&prev_fmts=0x0&nras=1&correlator=6631265182171&frm=20&pv=1&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739547%2C42530671%2C20211866&oid=3&pvsid=2185988261639846&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Fzxw8vSHIy&p=https%3A//plantaocredito.xyz&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://plantaocredito.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://plantaocredito.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Aug 2021 11:51:37 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUnQJh-tmlNil9u40K6R80NwKopW2oaXvjC6JHBFf_sOJFWX85Fcbf9zUWssiAg; expires=Mon, 05-Sep-2022 11:51:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Aug 2021 11:51:37 GMT
cache-control: private

GET
H2 200 / Show response
prism.app-us1.com/ 317 B
387 B 246ms
244ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=26974550&ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D&u=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: e0b6ff3f70bbf91dc83eeaab12a1fd2c627e27473a1a82dc961be5b15e91755c

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
cf-ray: 67d140c96b3cc2a9-FRA

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
853 B 50ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=plantaocredito.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 632ms
632ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2185988261639846&correlator=2543361323531197&output=ldjh&impl=fif&eid=31062231%2C20211866&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210811&iu_parts=22088551542%3A22367029404%2Cplantaocredito.xyz%2CPlantaocredito_WEB_Square_Content7_Posts_20210730&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D97c03a6eb0cc0ed0-225467c59ec90037%3AT%3D1628682696%3ART%3D1628682696%3AS%3DALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg&bc=31&abxe=1&lmt=1628682697&dt=1628682697340&dlt=1628682695154&idt=2151&frm=20&biw=1600&bih=1200&oid=3&adxs=209&adys=613&adks=1431871622&ucis=1&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=788x20&msz=788x0&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b858cbc377315e1f822032842ab8b81f5b054ad753495e5323bbe497324e186d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://plantaocredito.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 918F 6 KB
3 KB 48ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://plantaocredito.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://plantaocredito.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 11 Aug 2021 11:51:37 GMT
expires: Thu, 11 Aug 2022 11:51:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 529ms
529ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2185988261639846&correlator=2543361323531197&output=ldjh&impl=fif&eid=31062231%2C20211866&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210811&iu_parts=22088551542%3A22367029404%2Cplantaocredito.xyz%2CPlantaocredito_WEB_Square_Content6_Posts_20210730&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D97c03a6eb0cc0ed0-225467c59ec90037%3AT%3D1628682696%3ART%3D1628682696%3AS%3DALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg&bc=31&abxe=1&lmt=1628682697&dt=1628682697348&dlt=1628682695154&idt=2151&frm=20&biw=1600&bih=1200&oid=3&adxs=209&adys=280&adks=3537975251&ucis=2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=788x20&msz=788x0&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

307e3ac5272556579ed88144701ec12f94014632d8e901baf7cc9049e1425f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7585
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://plantaocredito.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 97 KB
18 KB 1029ms
1029ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2185988261639846&correlator=2543361323531197&output=ldjh&impl=fif&eid=31062231%2C20211866&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210811&iu_parts=22088551542%3A22367029404%2Cplantaocredito.xyz%2CPlantaocredito_WEB_Vertical_Sidebar1_Content_20210730e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&cookie=ID%3D97c03a6eb0cc0ed0-225467c59ec90037%3AT%3D1628682696%3ART%3D1628682696%3AS%3DALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg&bc=31&abxe=1&lmt=1628682697&dt=1628682697351&dlt=1628682695154&idt=2151&frm=20&biw=1600&bih=1200&oid=3&adxs=1042&adys=247&adks=80178913&ucis=3&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=333x20&msz=333x0&ga_vid=1055100576.1628682696&ga_sid=1628682696&ga_hid=1029739457&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1884b470fbc38b53f2b6315089349f176ec4129b8937545ae783fe98172dbfad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18653
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://plantaocredito.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
271 B 416ms
141ms Script
text/javascript 52.204.196.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=26974550&prismid=47ff18c2-336e-4955-9269-58bef3c86fd7&url=https%3A%2F%2Fplantaocredito.xyz%2Fcategory%2Fcartao-de-credito%2Fcaixa%2F&email=dago.sial%40gmail.com
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.196.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-196-81.compute-1.amazonaws.com
Software: Apache/2.4.48 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:37 GMT
server: Apache/2.4.48 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.1/ 20 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-app.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 03:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6586
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Aug 2022 03:17:51 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.3.1/ 35 KB
35 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-analytics.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 09:32:36 GMT
x-content-type-options: nosniff
age: 267541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35642
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 09:32:36 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/8.3.1/ 173 KB
56 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-auth.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 13:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56866
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 13:44:33 GMT

GET
H2 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/8.3.1/ 320 KB
89 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-firestore.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 12:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90517
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 12:46:15 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.1/ 40 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.1/firebase-messaging.js

Requested by

Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 13:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10884
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 20:14:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 13:33:45 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
31ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ef829a78423f621edf41fb10c347608eb137fe32b1102d91a75bbdac714391f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 11 Aug 2021 11:51:37 GMT

GET
H3-29 200 container.html Show response
58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 317B 6 KB
3 KB 21ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://plantaocredito.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://plantaocredito.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 11 Aug 2021 11:51:37 GMT
expires: Thu, 11 Aug 2022 11:51:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AE00 12 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://plantaocredito.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://plantaocredito.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 11 Aug 2021 11:19:48 GMT
expires: Thu, 11 Aug 2022 11:19:48 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 406A 783 B
808 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4405d2074c07e49ed1432078e8035de9197d89bae3aa912a443fcac9a81072f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DhcdsnYuP/lKr8ynAlfwvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://plantaocredito.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://plantaocredito.xyz/

Response headers

expires: Wed, 11 Aug 2021 11:51:37 GMT
date: Wed, 11 Aug 2021 11:51:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DhcdsnYuP/lKr8ynAlfwvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 509
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A3AC 0
16 B 17ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNuAgAEQgprM9AEY-cDlrAEwAQ&v=APEucNVxfLG0lgh8QfZp94bSvidMngm3Tx2L-RvYLdKdDb0nKtKDc6ZyNozIFvK_OeYzFoHFmzZqBx6wCSvxYy-nRqAB3b5EYQ

Requested by

Host: 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
URL: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNuAgAEQgprM9AEY-cDlrAEwAQ&v=APEucNVxfLG0lgh8QfZp94bSvidMngm3Tx2L-RvYLdKdDb0nKtKDc6ZyNozIFvK_OeYzFoHFmzZqBx6wCSvxYy-nRqAB3b5EYQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnQJh-tmlNil9u40K6R80NwKopW2oaXvjC6JHBFf_sOJFWX85Fcbf9zUWssiAg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 11 Aug 2021 11:51:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 317B 41 KB
20 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJuY-Qt0I9MOXjo_pCxeIsoje8ZAHqhIaNcGVoZpgWY4EXQbmHJcAJauyK6S1ZoTnYvzCZYuqcPNDf4NBNzIi7Dz8ZehMSuz_UR9Ugp1ru497gLo-PHG53cw4srv80syoH74caS3cQLPw5pTJlTCtCMbMwgQ&dbm_d=AKAmf-Ci1diAJ8ODjJ0tXBMthem5TL3pbUK0cfbG36slEuuA6ZQTP1_z682-cE1UnpoSfKJfqWnwGPO0Fv6k9tfzBpBVA7qk_rpb9C1QSMQ8P1t4mqV1GG8pOaUoZLQjXgjiZOoLY8_Ss3tpueqzC7w52DzRXkFP8cSOTyShIWxFjIaIi9si-j499ctC-ASQXCDOSzZDUo1-dYCPmJ6ifko41R55nkyU4QtEl67ICAQPVMOS4zztNUZUz-mZhtj-oHkbtwRUWzlsJfCoion7ZOA9RgDLSrQ2XG8dVvKo7dkttOoQ9rhI4qPAd-d3dTgZ6NQ_-HcNp8yHfVa3e93r_ewotpVyHmvrZbX9lub4CVLeap31KkiN5MYZS_XWhLzfwfTdMgSOemBhdE29JA2B_3qTAypRbjO7teHz-xQ-faUkKFlAgzHnsgA2m1A0YMxE3Xya1xBCO2jtfnAGv7xwF3diaiH2v2jrj-1A3cii7wB70gVxBlPG3vLmGWoRRM2TlVQrqQ84xqof8UoJ4x-6ktwqca0LDtSd_7JMln3f3QhQU0bgGCx0h898joyuDTHVZGmI6P3x9n7NAFqwBwpKpkxMncVQd2vWFvbWZ0VH_vf7Ribx9_-I6LirED5Z_Q8UEiZgDigEmCOeBL-26hY-Z1js_BWkmMOikG3cMRiHC3sHMyt3aBm3uTmgOiwWkHclpDt9mrScm9YgA4cOuvp9XF06nlk5NaWMVdAfaMAEdHNi4E_ZIz91q0OhVdCpFj5yCnDnQm_FXPyIUVjmwEdH3n-JawcgaVO8K6Icyn_XPfldix94iypg5o2ehxAuP9LEMtxzfwMzlzPnAXQH5xMidqMxl8IP04zPtB-icY4_slBdnHU9MinM3BoDWtHFDutH-9G5TAs7K8J9Nw79d6sHRY0AxCaw7jqZUFf3bLRjowC3fYxsokw6EwgE3VOvGsHLdSp6KsSV2gpztvPKburquZyq_10al4lC7NBvOMBBS60xtA7Bgym7GUX25n7Mw8dcBvm3Vo-0A7I63fug2j1t1x4B1_hY8IE2XyiGeg4qhz01QP8NLhyXwwfIpkj8GifPdrffNgJ72GK1SmwJ9HOo2nidjkGghClw7xj3TCo9quRLkIAGrXqIUu3CQ5wkMzQ40NbMVzzdzNgrgO_VseIeGSfWylEmiHWJlX_wMWlKJYsyT1go-zO5OIUO11dtOZ8vleUrRJFXxGUku1cqpFVjfnIBDsY70ZX3zD6evxjd9JvjEiskgRvtnvjQkdJpp1GHuVXC-MipgfpU61ETbyZCR09LfO5XuzL7m35uxvwS5ywKkbblqSbW54llvna5NUIcj9sTqx5JYFOxQoOGTL-4IwmAehcabHJ8fVlnNWO1xQ7pNh6wAack3Y02bodDx4Ixt51xtekgjoRFu3lRNF_Fy60eQDxvwvFcv9Tu80i9FFqSV-XR4itdg1_4IGIItOCIWIGQXBRU5DOed9C6NdchTQYkTQ47zHEfFq_a4VmL_JbJSfE68PElBqVRlXzB9a1Q9rU9PSippbpr6Zr2IzUMEVITvsQy3-71Oy18StzTkTSFGcl7qz1-TG_WSwcCwewTUpSdWmsHXBz0hGeqRzPVMIrH2jNaDIWxi1IiOyeG9Ayxri1vWOMDrbsI0YQtZ2OT_qDiBg2BAOx3TY0YfL3F4DkVsNsbFeum7EyeIAoiRqLxMRFjdf89ykO7WGiUwnm4ekYXlaDTCl1hvSZxH-6FUvYNTqDnJHjMsNuQlhnuTFJIRJG6LnAAEgvikG16OI-VRMVJh9mA7q_mpsbuKlibCs_jHrBDTIMFKAZ4aZjYQt4z3Ok7fe_5cE0A8v_-OI7iotxrYznbC3t_ptjA5qEKJiI96FW7B7OBxTmemW9hKcnUN0TkJ5DxufsudAtEAkgTAPgXfMVFNx_jPIbZLPle2cNG67IfxePhtmuY73bmldgwhpI02yU8Ol2EIeu3HF8W4vnl1gslFi8XP_rXi8J-zKmqZ5qkn6guCdAFye98yGc3_88qvglNb0zI7i9nypxjBa88vDtRsTIstbMEMJWZYArrNkTTllnc-L0qONSmHgAW4CGegN7HY07dh0T9BijlijOGa7TVfrhJoDVXXLRvMtRVW2I1Fcl36ZqUdFRy8uk6yE8OkD6X-y44q8rgZsA7lU93M0nkCOpwewCrc1B_MsUE-8jdgf0TXr2WvLWvNthvt0Dy1R8fi2YkRM7fZXDTv9_viToVT38QN8YvjnHUIP0ZniEN2AhODsDv70N6K4zdjfYmL6_quT9tEY8BJJUNla3CEsVytTCf1InrmFncC-bolGI-NwSYbKx4fQEIsyG_Mj09b_esswDKobYhZaxayTLdu-YryNMjqERsAwXloc6VBbqltgYR8dvz6TSTkCIMsxHBPyxOLXomhw2Yc8y277k1-BnvpmglkATz_BMX6Ma-Rsvlf5b2suzr-YdHZf0RdZwJMsmWlKkbI0B-oq7PSB0ikI4sG8CEU85gsVHupdvJ_2PTzkT_MovAzvWlILE2pD8TUbZHdB716qJ4UIFEqN4OpAbwjLTPRygn_nHJiLZNy4At6pN9DQ9ed-UeBQvp3Yq-gq0X-lMWdg8u0K7NJBx43H098_-AkYFYu2W3sW6VuWcvAaLYvzLZ6hd-D_C-SmuDzAnLL3-w4_T3ucgwoBLuDKpVv0r8TEghTYfrnj6tvhpSZT6HDP8isbMNbXXl9Ek5KVRJdExGwoUF03V88uRG6ryr9WiloG9cQ28ZFKNwGhpyJcz2m6SKHLmrnag_uM9VjV8rwcYYJodoTys8RFSsdYlr0I6-zpjBnzvw3ZFeQ_EYH3EOc4o9sgpVk5avUdQfH4X_yuLR1gv_sQELNp6TN-ukLTbbKRwxaQfneDkVObbVF9f2sv7LamA4VBOz092ByVrvP2ILR0I0hZH8u_SFBSF85Vj6gI7K6wsYJy_zt0DgSOocZIDS-y4MOh9k7M9T0fotcQ1ESMMb1Xm16ZnQDP7EMR8uSfe43L_8bGTGij5v_cdV8AobmghcnG_Kfens5uzKuQCG1mV8Gk8sw3xyXMFvh1Ea0atsJ0Bgxy0KJKhOZgUf-kI4i_CYFdNL_N42pfM7LqTvO5QW3HQqNKKAiuRMguLLwCQWrGXgKTuAod82SgsMmA-iJ-H9WBk9OacNiIwRwXQpvL_logeE_EbzIa1GFlK_hB_J7tifmN20YoMdoqU09wQVfeLiCen6f35ByPHpXLsTBiV_WViy_sucG70chnZkJm5QJ-eu6_KHdpH7UIHFODwni5R7OunwEPP0vEFGgl5aT-Ojg2ABkOAfGm518gC9XgF-nzlb9OLsY5sZT-GxxY8nQwsDUka9ViB48XC0nZ1Ujbb4qwqPnRULTSY0TXMI5Pww0yuiiBs-92My-Iyjjg1skjcOlPnzdJWedSS_mE4R9DKnSv8MR0oKkWYT0C69&cid=CAASPeRo8U0zyrMOwW427K1Cmr178qM0pqPjggrNaXXXC27K8fdIiX27y4KtSwP-KrzReeif_a5oYl7aXKQw3U4&rfl=1%2Chttps%253A%252F%252Fplantaocredito.xyz%252F%240

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/?vgo_ee=gfImFm6A1tfa%2Fw5odir%2FckzkASpiHornD%2Fz2wZTd1jg%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fcb942c25bf7c90a6f180c367a1fe044db71f812277f24e0d47f219d2ad087e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20839
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 317B 42 B
63 B 28ms
27ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AsLKc3-RCuzhQKQ81xIHoD34orwBWaJpRzz9bBd0HDIXOGTJEFWo0R7D60CzEzCes1a5PDX_KuMEQ-eRk3W5yIUQ1KfTgUIW-_EDSLqaO-mrYwZow

Requested by

Host: 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
URL: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:51:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 317B 2 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
URL: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 11:18:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 317B 124 KB
37 KB 58ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
URL: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 11:51:38 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 317B 14 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
URL: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 11:21:03 GMT

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame AE00 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 17:27:57 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame CDB7 188 KB
55 KB 32ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:34:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame CDB7 13 KB
5 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:34:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame CDB7 87 KB
27 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 247143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Sun, 08 Aug 2021 15:12:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Aug 2022 15:12:35 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame CDB7 4 KB
2 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:34:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame CDB7 40 KB
13 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:34:18 GMT

GET
DATA 200
OK truncated
/ Frame CDB7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4946c69af684e0c2e9f86e103655bd5be5f459cdb6dcfae5f9b26ade01016df

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4173913351632131068
tpc.googlesyndication.com/simgad/ Frame CDB7 46 KB
46 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4173913351632131068?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnPExn6073dtlXV2eBNPh8RkPV8_g

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36a6f8af1cd3fce552acc3fbb562facb27297bc31d7094fd631fbddab600767b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 00:57:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 09:56:00 GMT
server: sffe
age: 39232
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47020
x-xss-protection: 0
expires: Thu, 11 Aug 2022 00:57:46 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CDB7 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 37545
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CDB7 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 61883
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 11 Aug 2021 18:40:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame CDB7 0
0 18ms
16ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGfyVG2d27W2jkK8GPj0KC0jXZ1QYkUr60MeEU4LpgnLmoKPPA9fqeKROFRC2V7jfpAaeH
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CDB7 0
0 67ms
66ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCkNVybkTYc-6M9KO7gO3s6WoAo7935hkjc2JwPENqtu_oNQBEAEg4ImGfmDxrfyFpB-gAZ76zs4ByAECqQK24oKMUcd-PuACAKgDAcgDCKoE_AFP0Kb0h0jViyszTizwsk7al4n13LDsRmG94D_yQ-dDg1icryuNuW7JYb1KijE1ex95E3y4KkcsFIK0pbTvQC-CMc_h24Xo7Js5TS8Yy6f9fMx-ukDLQ07Kc7mccaxjfw_Y6CjE74YsLScQeI4_xU_L5obi3PTdbwstlVlGLUyoX07FEgZw-BmF8wiJPKXGkTWRjfrReB3uZY9coAlrrb2MNNKnBtyTjkp_Lrp_1nPVny7UQRA_7jS-8g2j9fpcs1SVXbSSGItkqJ6w3-gaxskacU4O9dy7b1neOz41JCOPn677zUyuykeeGOF_gGHSGsW9xynqaYD8hlj92sjABIzh7PHPA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfs4OyRAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCEtQfSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTgwMjcxMTk0MzA2NjMyNTiACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNzEzODc3MjE1MzE3NTU2MxiejXg&sigh=WsPOB94eY4A
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 317B 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJuY-Qt0I9MOXjo_pCxeIsoje8ZAHqhIaNcGVoZpgWY4EXQbmHJcAJauyK6S1ZoTnYvzCZYuqcPNDf4NBNzIi7Dz8ZehMSuz_UR9Ugp1ru497gLo-PHG53cw4srv80syoH74caS3cQLPw5pTJlTCtCMbMwgQ&dbm_d=AKAmf-Ci1diAJ8ODjJ0tXBMthem5TL3pbUK0cfbG36slEuuA6ZQTP1_z682-cE1UnpoSfKJfqWnwGPO0Fv6k9tfzBpBVA7qk_rpb9C1QSMQ8P1t4mqV1GG8pOaUoZLQjXgjiZOoLY8_Ss3tpueqzC7w52DzRXkFP8cSOTyShIWxFjIaIi9si-j499ctC-ASQXCDOSzZDUo1-dYCPmJ6ifko41R55nkyU4QtEl67ICAQPVMOS4zztNUZUz-mZhtj-oHkbtwRUWzlsJfCoion7ZOA9RgDLSrQ2XG8dVvKo7dkttOoQ9rhI4qPAd-d3dTgZ6NQ_-HcNp8yHfVa3e93r_ewotpVyHmvrZbX9lub4CVLeap31KkiN5MYZS_XWhLzfwfTdMgSOemBhdE29JA2B_3qTAypRbjO7teHz-xQ-faUkKFlAgzHnsgA2m1A0YMxE3Xya1xBCO2jtfnAGv7xwF3diaiH2v2jrj-1A3cii7wB70gVxBlPG3vLmGWoRRM2TlVQrqQ84xqof8UoJ4x-6ktwqca0LDtSd_7JMln3f3QhQU0bgGCx0h898joyuDTHVZGmI6P3x9n7NAFqwBwpKpkxMncVQd2vWFvbWZ0VH_vf7Ribx9_-I6LirED5Z_Q8UEiZgDigEmCOeBL-26hY-Z1js_BWkmMOikG3cMRiHC3sHMyt3aBm3uTmgOiwWkHclpDt9mrScm9YgA4cOuvp9XF06nlk5NaWMVdAfaMAEdHNi4E_ZIz91q0OhVdCpFj5yCnDnQm_FXPyIUVjmwEdH3n-JawcgaVO8K6Icyn_XPfldix94iypg5o2ehxAuP9LEMtxzfwMzlzPnAXQH5xMidqMxl8IP04zPtB-icY4_slBdnHU9MinM3BoDWtHFDutH-9G5TAs7K8J9Nw79d6sHRY0AxCaw7jqZUFf3bLRjowC3fYxsokw6EwgE3VOvGsHLdSp6KsSV2gpztvPKburquZyq_10al4lC7NBvOMBBS60xtA7Bgym7GUX25n7Mw8dcBvm3Vo-0A7I63fug2j1t1x4B1_hY8IE2XyiGeg4qhz01QP8NLhyXwwfIpkj8GifPdrffNgJ72GK1SmwJ9HOo2nidjkGghClw7xj3TCo9quRLkIAGrXqIUu3CQ5wkMzQ40NbMVzzdzNgrgO_VseIeGSfWylEmiHWJlX_wMWlKJYsyT1go-zO5OIUO11dtOZ8vleUrRJFXxGUku1cqpFVjfnIBDsY70ZX3zD6evxjd9JvjEiskgRvtnvjQkdJpp1GHuVXC-MipgfpU61ETbyZCR09LfO5XuzL7m35uxvwS5ywKkbblqSbW54llvna5NUIcj9sTqx5JYFOxQoOGTL-4IwmAehcabHJ8fVlnNWO1xQ7pNh6wAack3Y02bodDx4Ixt51xtekgjoRFu3lRNF_Fy60eQDxvwvFcv9Tu80i9FFqSV-XR4itdg1_4IGIItOCIWIGQXBRU5DOed9C6NdchTQYkTQ47zHEfFq_a4VmL_JbJSfE68PElBqVRlXzB9a1Q9rU9PSippbpr6Zr2IzUMEVITvsQy3-71Oy18StzTkTSFGcl7qz1-TG_WSwcCwewTUpSdWmsHXBz0hGeqRzPVMIrH2jNaDIWxi1IiOyeG9Ayxri1vWOMDrbsI0YQtZ2OT_qDiBg2BAOx3TY0YfL3F4DkVsNsbFeum7EyeIAoiRqLxMRFjdf89ykO7WGiUwnm4ekYXlaDTCl1hvSZxH-6FUvYNTqDnJHjMsNuQlhnuTFJIRJG6LnAAEgvikG16OI-VRMVJh9mA7q_mpsbuKlibCs_jHrBDTIMFKAZ4aZjYQt4z3Ok7fe_5cE0A8v_-OI7iotxrYznbC3t_ptjA5qEKJiI96FW7B7OBxTmemW9hKcnUN0TkJ5DxufsudAtEAkgTAPgXfMVFNx_jPIbZLPle2cNG67IfxePhtmuY73bmldgwhpI02yU8Ol2EIeu3HF8W4vnl1gslFi8XP_rXi8J-zKmqZ5qkn6guCdAFye98yGc3_88qvglNb0zI7i9nypxjBa88vDtRsTIstbMEMJWZYArrNkTTllnc-L0qONSmHgAW4CGegN7HY07dh0T9BijlijOGa7TVfrhJoDVXXLRvMtRVW2I1Fcl36ZqUdFRy8uk6yE8OkD6X-y44q8rgZsA7lU93M0nkCOpwewCrc1B_MsUE-8jdgf0TXr2WvLWvNthvt0Dy1R8fi2YkRM7fZXDTv9_viToVT38QN8YvjnHUIP0ZniEN2AhODsDv70N6K4zdjfYmL6_quT9tEY8BJJUNla3CEsVytTCf1InrmFncC-bolGI-NwSYbKx4fQEIsyG_Mj09b_esswDKobYhZaxayTLdu-YryNMjqERsAwXloc6VBbqltgYR8dvz6TSTkCIMsxHBPyxOLXomhw2Yc8y277k1-BnvpmglkATz_BMX6Ma-Rsvlf5b2suzr-YdHZf0RdZwJMsmWlKkbI0B-oq7PSB0ikI4sG8CEU85gsVHupdvJ_2PTzkT_MovAzvWlILE2pD8TUbZHdB716qJ4UIFEqN4OpAbwjLTPRygn_nHJiLZNy4At6pN9DQ9ed-UeBQvp3Yq-gq0X-lMWdg8u0K7NJBx43H098_-AkYFYu2W3sW6VuWcvAaLYvzLZ6hd-D_C-SmuDzAnLL3-w4_T3ucgwoBLuDKpVv0r8TEghTYfrnj6tvhpSZT6HDP8isbMNbXXl9Ek5KVRJdExGwoUF03V88uRG6ryr9WiloG9cQ28ZFKNwGhpyJcz2m6SKHLmrnag_uM9VjV8rwcYYJodoTys8RFSsdYlr0I6-zpjBnzvw3ZFeQ_EYH3EOc4o9sgpVk5avUdQfH4X_yuLR1gv_sQELNp6TN-ukLTbbKRwxaQfneDkVObbVF9f2sv7LamA4VBOz092ByVrvP2ILR0I0hZH8u_SFBSF85Vj6gI7K6wsYJy_zt0DgSOocZIDS-y4MOh9k7M9T0fotcQ1ESMMb1Xm16ZnQDP7EMR8uSfe43L_8bGTGij5v_cdV8AobmghcnG_Kfens5uzKuQCG1mV8Gk8sw3xyXMFvh1Ea0atsJ0Bgxy0KJKhOZgUf-kI4i_CYFdNL_N42pfM7LqTvO5QW3HQqNKKAiuRMguLLwCQWrGXgKTuAod82SgsMmA-iJ-H9WBk9OacNiIwRwXQpvL_logeE_EbzIa1GFlK_hB_J7tifmN20YoMdoqU09wQVfeLiCen6f35ByPHpXLsTBiV_WViy_sucG70chnZkJm5QJ-eu6_KHdpH7UIHFODwni5R7OunwEPP0vEFGgl5aT-Ojg2ABkOAfGm518gC9XgF-nzlb9OLsY5sZT-GxxY8nQwsDUka9ViB48XC0nZ1Ujbb4qwqPnRULTSY0TXMI5Pww0yuiiBs-92My-Iyjjg1skjcOlPnzdJWedSS_mE4R9DKnSv8MR0oKkWYT0C69&cid=CAASPeRo8U0zyrMOwW427K1Cmr178qM0pqPjggrNaXXXC27K8fdIiX27y4KtSwP-KrzReeif_a5oYl7aXKQw3U4&rfl=1%2Chttps%253A%252F%252Fplantaocredito.xyz%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 11:49:05 GMT

GET
H2 200 06082021-013004976-BETTY_S2_STATIC_TEMPLATE_V6_NRD_v1_300x250__CE__ES__NR__PT_.jpg
s0.2mdn.net/8278829/ Frame 317B 57 KB
58 KB 31ms
8ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8278829/06082021-013004976-BETTY_S2_STATIC_TEMPLATE_V6_NRD_v1_300x250__CE__ES__NR__PT_.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26de296afe8e8e1189f5d3c56491d24c21ab65f4ed2490741511d818b095bf5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 07:13:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:30:05 GMT
server: sffe
age: 16662
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58790
x-xss-protection: 0
expires: Thu, 12 Aug 2021 07:13:56 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/ Frame 317B 8 KB
3 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 11:48:16 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 317B 0
107 B 217ms
89ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMRvxJmqzxH-X4Vhr8v604aINmTi-7tu9LcKcBysM2vmlJtJlvENEc-jXlsxKQgNWRo0GS4IZpQVlf-FwwJKF8rzOOm1PSZpGIg9bhBzjhD6OKNifCXD3v2-G8fJ8YPv-gs8B6os0R93m5IayEOgv3tj-YFnlPw4RO_lPD42xVBWYHkLvkOLl1ELfY51hZaCJVs6P-08OOu0w2guqDSC9rWc675H9nrDVBKGlhr8MKHlkTP_awEAqFCKGaXydP8-9jmjZ6MbWx217p_fACmpUEqWPLH0GYHO5LC7B1_j3m9ChppUGd8bmhidyGSHmpxWM1L6f1r5RP9o4LrpsnklmyzIjpaIi7vn693nO1xANkh0qtvk5UPDR3gGrdSWraPNn2fsJYkYab_ToS-2YvBP0F2SgOSUkUvpTkRPEGlf_sDO1c-TvOkz7Mf3ZI8PBeXpxahY4YNNue6BSTb-gE8R39MxeYc5jbEjN5v3bvnMhT1xje0S8A7nU0Jz3cKyVpODjBDlX7M-X36LXVdoitC8X1OBuTRLZgDciSUY2RebAdQdyk2JL3e4s5oFGwKDTF1VHAVHRpO5VVY0pNVid5Dk-otv2EKUVu-USMqBPB9ujpYMR4wt1afnUZy7jtjDeE7a2-FgTog8TWAT1NF8yJNJrWEV6MUp1i4Echa3aCxO_5v3wNfQMgb68qbajb23HmdCbRCaF6LjHKECjvoFxjvHfVFobZG-IMKFnEazUCmCfzAXYfAGTJ-m4S4cjlZzOg1XS8k4SenbmvqzHfikBjmx3cx5DZksCTDZ4CnjennEg33vXlWJhYhDIYGgAE4i1ijDWHDeLL4GfZb_cdlWXkiSm6ydDwWFv_p8YrAUFgDZj8eXKThsyUqBF74q4OyX3oLv61piJIUBFaFsH7ODMYdp91pBS0StwIqDXJxdBNrxKVMPDi6hygJYi0Ya6uxRkE82bKIh6pYIj764cAkGdTVdEtoiCyUVTq3uGokkYfJ1h4l2IlNabdD70wIkDxaXZvQV3VXPYjAyPXOpH_LclsBIXp_ftH58x_drRjsp8qIS4gQWbCaqMnH43hY-9dUllNwLvenPqoMDmi-L7gAmDF-crQbkraWekThfpefg0Ol7m4ND_NLzLIoGM33P4_CB5ZZyjVRCQ3NG78z1aiYbL686qLjrW1hbzP5-kJq5twDprmA8lQ9br7WPt_d4K1wJnVSwQ_TQ65yVsvjm3o6OAE8ElXRkq3E7dotnnkwyYJbXd5PU--fplXLR0N_48&sai=AMfl-YSsp-W5stp_yg8kiw8GjymFC8Qp1jTM-KVqJUnEOHFSeyTzApWI9Pbgp-3cGILgJh0aiyKHdH_Sh6QHnci4Rl1ftvZ0mbCl5g6jn6UlZwFJKDwvbBax6t3zzdr5QlCIh98IEslOEJL0_7tyeL8CIRWffFMPc0P6eOoSbyy6rXClV30uSiIdaNC44JbBNM23K5ddK5tSCb_1JtCKpIrJ7sAeNs2ZGgTjHvoVLfckEA&sig=Cg0ArKJSzCdsboqJMD4GEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210809.40913&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 11 Aug 2021 11:51:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 317B 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 16:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 16:47:21 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D7DB 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 11 Aug 2021 00:07:07 GMT
expires: Thu, 11 Aug 2022 00:07:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 317B 0
545 B 153ms
84ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 11:51:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 317B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc91b553e715c9150e9bf7533846b59f822ad4151ea0389984825460ba40601a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CDB7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 11 Aug 2021 11:51:38 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 4173913351632131068
tpc.googlesyndication.com/simgad/ Frame CDB7 46 KB
46 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4173913351632131068?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnPExn6073dtlXV2eBNPh8RkPV8_g

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36a6f8af1cd3fce552acc3fbb562facb27297bc31d7094fd631fbddab600767b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 00:57:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 09:56:00 GMT
server: sffe
age: 39232
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47020
x-xss-protection: 0
expires: Thu, 11 Aug 2022 00:57:46 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CDB7 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 37545
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CDB7 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 61883
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 11 Aug 2021 18:40:15 GMT

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame D7DB 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 17:27:57 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=2185988261639846&bg=!Y2ClYCTNAAbOj6irzo87ACkAdvg8Wn9-yeXViPTTmyO3MdFstAc000nk83BuxNtlO6uONzGODt9mywIAAAE3UgAAABBoAQeZAmvSuc-rJEH-tF2B84dfIuvCUkdnc0sIYEnXWHHLZojcbxwdYzUI6AOoiB23io6LC9Q_ujeiYnsBOiFzrVmSv2LHD7mYjwRZwxnFQ8vpki05UNIssW71tLbKK6ZoQqWtVq9bIjVumCRmlTTd7RXrlCI8NuYJJ_B8FKv_Q0eclKw_183SZDIya4vOGA4M2BrWhU1KKQgk5xf5w6FzUcHOSJKlMktKGVDtheK1s_lHl421KbqkT3y3nyNUXsTPU9oUZPzcAhlupL6Po8jpzmUn-b7W2gOVjZFga5tIKAxiwWNx4DsWeFEKBehvnG_NU-LVD9rFYAvw7bDgtRBEVRuu8bNJ8fkJNlMuEOlVuLXpB0ff79wT02LhpdYaH1HC0Bo4cMC_USn364XLRYgstNNuNZ03zK1bsRGYlgBr-RRmUzPDh8_1KuS_zkeqz_QVxTktZ0jrGbGZON0kbHm5xdB57tAz-UNtmafLiyFpzq7kcClQ4bS22UfS39r8UpbizEFA6ZCzvPW6_mJX5rtOuPVCL8kOrOs8Zmqc5OVwrYTWCmNWjCAgh79jZeDt5XW4I0SV_JjkXNCgBwXbLNdAb6Xkft6irik3eS-En9JunNjRo-tNTFfBBC0hGBF7uvnZ-GMlKgaLln8PrRVBAPr-XAhr3vC9zOL0v2l5xpL39sABEtX7xOsx8uRAVLFFTBonZcnJsnHK3bqw9CIOvDAiAR3FWcYSUQFpLC-WgRctOsPmJWNFFdKTD8sPxp2DOp346DwqeehIuUtCXwjXOSsdn2D-0ZrCBAEBO59x93aBgw-SAM0f9Q4k_rnX8JqccPmY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:51:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame B0A6 188 KB
54 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:34:18 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B0A6 13 KB
5 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:34:18 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B0A6 87 KB
27 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 247143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Sun, 08 Aug 2021 15:12:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Aug 2022 15:12:35 GMT

GET
H3-29 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B0A6 71 KB
16 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 153894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6eea2bcb2a8fbd9d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B0A6 4 KB
2 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:34:18 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B0A6 40 KB
13 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Fri, 06 Aug 2021 11:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:34:18 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B0A6 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 37545
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B0A6 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 61883
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 11 Aug 2021 18:40:15 GMT

GET
DATA 200
OK truncated
/ Frame B0A6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f5e1cc7180a2288840d18dcf6df676284ffa88261f12284179a9b9e942c177c

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B0A6 0
0 17ms
16ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBpNEpG2ZFW0qKOnlHs-Q9mLueYWl945WBU8RAU7ZEMBfzWu_71NN6fpN9LK1z3ui1wXil
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B0A6 0
0 69ms
67ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKwwLybkTYeSJOcnugAeh65DwCPWUtpxkvs_woewNsJAfEAEg4ImGfmDxrfyFpB-gAeTewcACyAEJqQK24oKMUcd-PuACAKgDAcgDCKoE_AFP0MOVvegbx9nokXxrIaorNvX8SaIJMgGj9_8zkhgo_IJPuurquOH3OMIlJXjXV3Yhbw0Tf-2uIkxtiR7anNn14TyJZ2xO-VuWt1H1ChR-fGlEthgnzW0aIZv1gO375nrW46RUKSlUv53rz9-1V_wHw-ZzJGpRDALmF_1dOgGINjglDHGkVb9H5kP3ksUcS0ZFysWfrIaWwi5mbcv1g4pXjUTlBxOk5xSHQ9mU2eTLQ66Cb2zem2lshwIR8Wmp4DPM7tZj_sfeMfdxRA-CeRZCthNBHDfVSP8kJJcG_p5SWmywON38SfuCVcREGEirswKQ0atIsnWVeQraVSXABIPs4_ncA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeEob6_AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDz9RfSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTgwMjcxMTk0MzA2NjMyNTiACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNzEzODc3MjE1MzE3NTU2MxiejXg&sigh=JpgmsgCJLj0&template_id=419
Requested by: Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 300x600.jpg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 101 KB
101 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/300x600.jpg

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7aabb7af4f7bab48cc5f310cd3217fb56bbb20818c626120cad82c31c61f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103064
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 GE-Logo-Main-Yellow.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 20 KB
7 KB 11ms
8ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/GE-Logo-Main-Yellow.svg

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94518c699e41dd838164a48a3dbbb5332a96f44c3012d30562f533032455b76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7158
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:02:36 GMT

GET
H3-29 200 Button.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 3 KB
1 KB 12ms
9ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/Button.svg

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

267373e021b10dd5b85b9f2c51f9dc7bfd4bcc01c13b40ad57f4ba21b66601e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 4_Med_va_r.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 12 KB
3 KB 15ms
12ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/4_Med_va_r.svg

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e226445e5afe4d2a1f1298cf918c9a8ff025b7a27f34dd6a7dd11a7205b566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3366
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 Energifo_rsta_rkare_2.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 1 KB
529 B 13ms
11ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/Energifo_rsta_rkare_2.svg

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c6c6a439a7ebb4cc20bac9e793bc9253a08b3217f1228a0a4fadd802344e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 500
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 2_Det_enkla.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 10 KB
3 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/2_Det_enkla.svg

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

631cefb0295620c6b5c237e5d23db4fdfa13d02f4e1601ef74016bd4fd79bc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2891
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 Energifo_rsta_rkare_1.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 2 KB
915 B 12ms
10ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/Energifo_rsta_rkare_1.svg

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ade81d99c4df1aed843ec322ff97c3384fd9f8e96ff0f8f93bba5f6fe1156965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 886
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 22:24:35 GMT

GET
H3-29 200 Energifo_rsta_rkare_8.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 2 KB
611 B 13ms
11ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/Energifo_rsta_rkare_8.svg

Requested by

Host: plantaocredito.xyz
URL: https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87247aaff99b0744cb67c090351f4c1d69c1947ba347e7a4d40fe35888c0a5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7DB 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhERdybkTYaXaOobZgQe2zJDgDgAAAAA4AeAEAg&bg=!3d6l3prNAAbOj6irzo87ACkAdvg8WlA0fcmEenA170KWO1lbYSB3daSAVAj7kboLbu9S-KEXVd0TEwIAAACGUgAAACdoAQeZAtR8b0Q0ORPOf4B-fAvsc0fjWCSdQmvfzCPvzn1RulgQLfsHJncz9m2wybrGUAV91jSkPzKBXUjU8qEfhC1LtMKBGPLHHtGNONmJGaPevFaJOR2UK1L2ajofml_FSlejXLIyOHgEzS0wbdP_CJfSD2UOwhDBUPaIWhUcDZleKVs9pkg5prukc1_pzczt0B6Wq_st6NDU0JjMG-yBT51HAFHa0ihl24pUHWAONtT4FQttwoSzNaQn7j4-q5UxLTZBYFjPDAq15GUyh3SkZtbbw5U8-GJ1-vMExnL3pTa7cobgihOPnHP6lcI8Vzk5nwGP4UZ3FHdSXLRoDOPmQLwSiF8fILw_9mjQCZ8kdSHmoeplx0CBnK2rjzNdbSw4jZFtXhIVX5YlkWejqcFc6jLWIwSF_1AL9tcBQWcrWhDNKsBjAcIa1BIaMnMpyIdUOj8-6mA0bxB1TWg8FnPBUF2ySXrgB6YH5L2BTtCmTPG_W7dHvwsLkbFBHkFSU278YgV2Z_RP6Uh9qfdNKrhAbB9nWB8VCrCvlsgijpIq-orSVvJ4i9-cB6SMfU2cktR9KHhXIKsevbG2A3WIz2Qe1HW1Pzz4pY2SJSZtaume1REjhLdugJpmnA4m1um5VHZNQjU-q0lWWVUoYiBd0Uncv1ZjQK-Cq7e-Ih1Cb575_aM0utq4nXyQJlQ2276p9MFqt775fXYLLj947OVa1wwQ8nH-5hD6_4gzcDRal5CS_ZEKmu1Pzjto33DH6_XaNxelGewLuJbWxrxb4Fda88lJlZjSkP2yKq8V-n3vAp8UJ5BqzV3V5BRKs3gj5fzm5D3E99sNFsMdxAxnAYAVIrUzPZg5fZN0A9-_zuvd9zvFc4txrXu7fpb_5MOV3wurXFuWo38_3GzdweEtHxmnLdCKKpsEJ9WdRcZLbxtsN9AhkzledtBGZOSBD7oC40ar6kqmF-UCRi2E8aGG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:51:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B0A6 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 37545
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B0A6 344 B
368 B 7ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 61883
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 11 Aug 2021 18:40:15 GMT

GET
H3-29 200 300x600.jpg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 101 KB
101 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/300x600.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7aabb7af4f7bab48cc5f310cd3217fb56bbb20818c626120cad82c31c61f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103064
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 GE-Logo-Main-Yellow.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 20 KB
7 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/GE-Logo-Main-Yellow.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94518c699e41dd838164a48a3dbbb5332a96f44c3012d30562f533032455b76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7158
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:02:36 GMT

GET
H3-29 200 Button.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 3 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/Button.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

267373e021b10dd5b85b9f2c51f9dc7bfd4bcc01c13b40ad57f4ba21b66601e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 4_Med_va_r.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 12 KB
3 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/4_Med_va_r.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e226445e5afe4d2a1f1298cf918c9a8ff025b7a27f34dd6a7dd11a7205b566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3366
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 Energifo_rsta_rkare_2.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 1 KB
529 B 11ms
10ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/Energifo_rsta_rkare_2.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c6c6a439a7ebb4cc20bac9e793bc9253a08b3217f1228a0a4fadd802344e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 500
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 2_Det_enkla.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 10 KB
3 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/2_Det_enkla.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

631cefb0295620c6b5c237e5d23db4fdfa13d02f4e1601ef74016bd4fd79bc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2891
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H3-29 200 Energifo_rsta_rkare_1.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 2 KB
915 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/Energifo_rsta_rkare_1.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ade81d99c4df1aed843ec322ff97c3384fd9f8e96ff0f8f93bba5f6fe1156965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 886
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 22:24:35 GMT

GET
H3-29 200 Energifo_rsta_rkare_8.svg
tpc.googlesyndication.com/sadbundle/10568828694887762381/ Frame B0A6 2 KB
611 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10568828694887762381/Energifo_rsta_rkare_8.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87247aaff99b0744cb67c090351f4c1d69c1947ba347e7a4d40fe35888c0a5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:18:36 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 03:33:15 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 317B 42 B
518 B 49ms
31ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQWMJKMJNag72lUToWeIGeA9jJ1iM5gkyrln_fhx1fOQH1JGIPXi8e_84gcuC7iUpiu8-oP8s_Yz8KeMbqwjwn1hAuq5C9HQPtdZeccP0SPergNTd0F0u2Lr_XEg&sai=AMfl-YSsltZwIPVg333ZcdX67g5_NI3ofvwgz9P9Zxap7cUjde_Qz133g1GSO7X8NVuFUVGOP5SSctycrnSpYQTc-PLdJuLHwGyCqBpY0ilmkQmKJXvYiPfe_A-Lx1fs&sig=Cg0ArKJSzP5reN-ZUh7rEAE&cid=CAASPeRo8U0zyrMOwW427K1Cmr178qM0pqPjggrNaXXXC27K8fdIiX27y4KtSwP-KrzReeif_a5oYl7aXKQw3U4&id=lidar2&mcvt=1000&p=280,453,534,753&asp=280,453,534,753&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210809&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3537975251&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628682697904&dlt=31&rpt=230&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:51:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CDB7 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUCbWJ7lftgdiucuvpQp0TAtSj3osV_-lt6oajRI7Cv34hjOS80NQVUQ7FdlZuBXksCBfhubpiCMjOeOcTmLjot8XLzPIrwvmO-UC_e0BzCPGcT9wf8NNBSbtBmA&sai=AMfl-YRl2wrtiPj9BWHFAHSwgI2ixq4wyeTFrdUMQdAr7BVgihKKmiFSQx08SCntnYhzFvaFGQXX1bQxmCfdV1XNFrr4J9QOdHPIVKzOXYHxJx6O7bRUbovW5_3gGMEe&sig=Cg0ArKJSzEEyyJphkCQGEAE&cid=CAASPeRonAnCvxOrZ3iFM7UkBZ6uKGAHvz13Ni-QzolNRx6hmsFM_d4NUfsn_0kGxP0NBJo0MAJeuodi1bJVX8E&id=ampim&o=453,863&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=105&tls=1106&g=100&h=100&tt=1106&r=v&avms=ampa&adk=1431871622

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:51:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B0A6 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIAzotUO6I_-8G5j4w51pCbwmIsLEv0VqKTpAyR0XybfbtwmOfCY0HIZ_1vpSCfsTUagL-zQrh9su1XhGFv3Nt4fQ17gndyQizv2dEgmGAan_SAAP5MlxtmnYvxQ&sai=AMfl-YRJVL0N7tVOTg0Ab68lrC3XSYBn8i-aGtsT34yYyUBnOGUh93f6Q08s9iNcEukgktgCtaHoBVjuASHUNNom3fHV1WsqHw7OcUaxMsCP2zInLb_oRLDTr4znTxY8&sig=Cg0ArKJSzKc5E3vEmvVSEAE&cid=CAASPeRoWUOM8DYX52WpLMqQU4CjqnLey6DLKDvVGhJGszx1xioo88QsQUIpkpUsX0HCGYrnLtXdf0LdmPzjfwk&id=ampim&o=1059,247&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=97&tls=1097&g=100&h=100&tt=1097&r=v&avms=ampa&adk=80178913

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:51:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script-push.js Show response
script.joinads.me/ 1 KB
1 KB 19ms
19ms Script
application/javascript 2606:4700:20::ac43:45b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/script-push.js
Requested by: Host: script.joinads.me
URL: https://script.joinads.me/push-notification.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cb238c7630ba8bd60ede523b57d4b3619086b3c54c04297662d2fddc65c6c4

Request headers

Referer: https://plantaocredito.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 11:51:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55372
cf-polished: origSize=1468
cf-bgj: minify
last-modified: Thu, 01 Apr 2021 12:59:37 GMT
server: cloudflare
etag: W/"6065c3b9-5bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quFAFPSoIFp%2FVL6teS6feQvozoP6YNlwVJCLJt8Gc6phRWCcgsJVpIjodKpv6Mq07KoMELIb3jgE9dI5oeRrN4tra4zJkpn12rWfOpL6YXG13nLD4EiK0Cte5XxY4j55H28pNIWSES8N4xtopMCA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 67d140da1c3a4aa3-FRA
expires: Fri, 05 Aug 2022 20:28:47 GMT

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:46:18	Name: IDE Value: AHWqTUnQJh-tmlNil9u40K6R80NwKopW2oaXvjC6JHBFf_sOJFWX85Fcbf9zUWssiAg
.plantaocredito.xyz/	1970-01-19 21:07:54	Name: prism_26974550 Value: 47ff18c2-336e-4955-9269-58bef3c86fd7
.plantaocredito.xyz/	1970-01-20 05:46:18	Name: __gads Value: ID=97c03a6eb0cc0ed0-225467c59ec90037:T=1628682696:RT=1628682696:S=ALNI_MYjEQpcaWCpyh_7taAjQ113MCbaOg
.plantaocredito.xyz/	1970-01-19 20:24:42	Name: _gat_gtag_UA_201994943_1 Value: 1
.plantaocredito.xyz/	1970-01-19 20:26:09	Name: _gid Value: GA1.2.1677589216.1628682696
.plantaocredito.xyz/	1970-01-20 13:55:54	Name: _ga Value: GA1.2.1055100576.1628682696

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://plantaocredito.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js(Line 6) Message: [GPT] Invalid arguments: googletag.display('null').
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://plantaocredito.xyz/category/cartao-de-credito/caixa/
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://plantaocredito.xyz/category/cartao-de-credito/caixa/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58542af37d2163649c8745e6ae5d5698.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adservice.google.se
cdn.ampproject.org
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
plantaocredito.activehosted.com
plantaocredito.lt.acemlnb.com
plantaocredito.xyz
prism.app-us1.com
s0.2mdn.net
script.joinads.me
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trackcmp.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
142.250.185.98
142.250.186.34
143.198.150.47
2606:4700:20::ac43:45b7
2606:4700::6811:586d
2606:4700::6811:915b
2a00:1450:4001:801::2003
2a00:1450:4001:803::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9a
52.204.196.81
54.159.158.48
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
06e226445e5afe4d2a1f1298cf918c9a8ff025b7a27f34dd6a7dd11a7205b566
076a785b6dd29fc4b49d3eb9217920a29bd089f38718e8f1b6e8ba8c881e53bb
07bcd4ad0fc223a609d939f5abc5d9468b4f0d0990191ce6310ecb82db8dd42c
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
0aade4473b4c7427f41a5b3aeacddf7a2e3532f2b7fece88a77644ec0e27d81a
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14d1267c9cf8d49aa00a026da9641071d586f1d65b78944b1430a09bb46a1f3d
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
1884b470fbc38b53f2b6315089349f176ec4129b8937545ae783fe98172dbfad
1ef829a78423f621edf41fb10c347608eb137fe32b1102d91a75bbdac714391f
1f5e1cc7180a2288840d18dcf6df676284ffa88261f12284179a9b9e942c177c
21d2f5dffdff788f23ef5781f9088fd4d1429a8437ea12b951b8a584e466464b
267373e021b10dd5b85b9f2c51f9dc7bfd4bcc01c13b40ad57f4ba21b66601e7
26de296afe8e8e1189f5d3c56491d24c21ab65f4ed2490741511d818b095bf5b
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d
307e3ac5272556579ed88144701ec12f94014632d8e901baf7cc9049e1425f44
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
346581ef7ce7844f5261e68e1ead8e083205d05bf3014416906417a9075eec68
3626069ffcb1718117bbccd3d9c1f487edeb9498ec20f162162b4cb111815d8a
36a6f8af1cd3fce552acc3fbb562facb27297bc31d7094fd631fbddab600767b
39d0fd9943a1069718bb60c51587b8a2b7711d562766565fafd8ac6050e44cdb
3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5243470d2be31f9aaf768f030f06b894aad081801460b75f6b396aca06fd8dda
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5955b5d214da06e951b8fd2a8f1349233f1cb031423bcc92c68f6c50803ccc67
59cf710a53864599c1ae08d5f67388dbaf3375bbc802fd5ff7e260b13cc069a6
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
631cefb0295620c6b5c237e5d23db4fdfa13d02f4e1601ef74016bd4fd79bc3d
69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432
6b7aabb7af4f7bab48cc5f310cd3217fb56bbb20818c626120cad82c31c61f53
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
87247aaff99b0744cb67c090351f4c1d69c1947ba347e7a4d40fe35888c0a5a3
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
8fcb942c25bf7c90a6f180c367a1fe044db71f812277f24e0d47f219d2ad087e
94518c699e41dd838164a48a3dbbb5332a96f44c3012d30562f533032455b76b
94c6c6a439a7ebb4cc20bac9e793bc9253a08b3217f1228a0a4fadd802344e17
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56
9b51a11833f3d89222a52178a0ae2cc431cec38c50fdd2bebfae3347ef93e2bd
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8e74586981d9c560c80df04ea96f44ec6a28f816b3fa74d32d762f676580ce3
aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468
ac7f11986f311aec18f6e8346a0c2448ed4a523a16761ecd652a9707792282fa
ade81d99c4df1aed843ec322ff97c3384fd9f8e96ff0f8f93bba5f6fe1156965
b044d89f7a88e52da5ba2345438abc81c7fdf33eefbdb8e458bd5ce102bbba7c
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463
b5bda00a5ec63e26748b9f40cf1356b3823db279199d74813874255c748657d2
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
b858cbc377315e1f822032842ab8b81f5b054ad753495e5323bbe497324e186d
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
b9f3d7ef28aab32f37146569e740c3d415d51a07b7a2bd791388e0237c4bc2b7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccbe74ab35866ac75cc213314e88d49fc62bc786baeab7006548e4ca5cba5430
d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2
d3cc6b0b74b949fa886fabe7bde4f82927ad4b18fe22eac02d1b45c848d88280
d41bf65826c3499d81d6043ce04a5522bb038504230bb231254e72ae6991a23e
d4946c69af684e0c2e9f86e103655bd5be5f459cdb6dcfae5f9b26ade01016df
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
d73b123cd2ef3afda65cb6e76579341b1bb1f27faddb0dfc54875e7a05b0114b
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0b6ff3f70bbf91dc83eeaab12a1fd2c627e27473a1a82dc961be5b15e91755c
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb238c7630ba8bd60ede523b57d4b3619086b3c54c04297662d2fddc65c6c4
e4405d2074c07e49ed1432078e8035de9197d89bae3aa912a443fcac9a81072f
e50bb464e8257ff1391db4b7a9fec036fc876ad95b0a72f8b0f4bd7b5997a0a6
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105
edb9155737a1151ce1c8b5aeb936d79cb06d1ae7ec19c3c0e78a8cf5330f6ba3
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f267376edea68ba2dc4c5aeac95020c5bc247e7cb71be9fc983caee054e38c84
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
fb10e4b37018b991e6cf5269e79ad87df66b91d53cbfe8f818e338b4feb1cab7
fc91b553e715c9150e9bf7533846b59f822ad4151ea0389984825460ba40601a

plantaocredito.xyz Open in urlscan Pro 143.198.150.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

100 %HTTPS

80 %IPv6

19 Domains

27 Subdomains

29 IPs

3 Countries

2053 kBTransfer

4200 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

plantaocredito.xyz Open in urlscan Pro
143.198.150.47 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

100 %
HTTPS

80 %
IPv6

19
Domains

27
Subdomains

29
IPs

3
Countries

2053 kB
Transfer

4200 kB
Size

6
Cookies

143 HTTP transactions
3 data transactions