utua.com.br Open in urlscan Pro
2606:4700:10::6816:229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u27351811.ct.sendgrid.net/ls/click?upn=wAUmXK1yGbfFAd4rxjE6-2FNef-2BXJR-2FCqgjldu9ZFRSpPwRej9HB-2F5XefdsiVr633DJkdZ5DjRadl...
Effective URL:
https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utu...
Submission: On February 15 via manual (February 15th 2023, 1:14:17 pm UTC) from CO — Scanned from DE

Summary HTTP 173 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 28 domains to perform 173 HTTP transactions. The main IP is 2606:4700:10::6816:229, located in United States and belongs to CLOUDFLARENET, US. The main domain is utua.com.br. The Cisco Umbrella rank of the primary domain is 743286.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2022. Valid for: a year.

This is the only time utua.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.121 167.89.115.121	11377 (SENDGRID) (SENDGRID)
1 1	143.204.89.128 143.204.89.128	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:10:... 2606:4700:10::6816:229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:802::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5 14	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
30	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
2	3.123.211.203 3.123.211.203	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3 3	3.64.174.171 3.64.174.171	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.225.50 35.157.225.50	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 2	34.254.25.134 34.254.25.134	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
173	29

1 167.89.115.121 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net

u27351811.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-128.fra50.r.cloudfront.net

wizrocketmail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:229 (United States)

ASN13335 (CLOUDFLARENET, US)

utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bucket.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.utua.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.211.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-211-203.eu-central-1.compute.amazonaws.com

red.vtracy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.174.171 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-174-171.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.225.50 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-225-50.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.25.134 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-25-134.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	263 KB
36	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 195 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 224 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 330	312 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 293	366 KB
13	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4098 adservice.google.com — Cisco Umbrella Rank: 85 www.google.com — Cisco Umbrella Rank: 2	3 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 349	218 KB
8	utua.com.br utua.com.br — Cisco Umbrella Rank: 743286 bucket.utua.com.br assets.utua.com.br	104 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5268 adservice.google.de — Cisco Umbrella Rank: 7767	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	44 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 585	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 309	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 225	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	144 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 367	942 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2628	786 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4481	1 KB
2	vtracy.de red.vtracy.de — Cisco Umbrella Rank: 124339	33 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1330	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 460	418 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 41	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	156 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 763	336 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 342	456 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 645	541 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 494	860 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1055	6 KB
1	wizrocketmail.net 1 redirects wizrocketmail.net — Cisco Umbrella Rank: 112245	792 B
1	sendgrid.net 1 redirects u27351811.ct.sendgrid.net	811 B
173	28

	Domain	Requested by
30	s0.2mdn.net	utua.com.br s0.2mdn.net
28	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
21	tpc.googlesyndication.com	utua.com.br securepubads.g.doubleclick.net ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com tpc.googlesyndication.com
14	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	utua.com.br securepubads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
7	region1.analytics.google.com	www.googletagmanager.com
5	googleads.g.doubleclick.net	utua.com.br ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	utua.com.br	utua.com.br static.cloudflareinsights.com
4	googleads4.g.doubleclick.net	utua.com.br
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	www.gstatic.com	utua.com.br ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com utua.com.br
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com utua.com.br
3	www.google.com	1 redirects tpc.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	match.360yield.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	red.vtracy.de	ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com
2	www.google.de	utua.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	utua.com.br www.googletagmanager.com
2	bucket.utua.com.br	utua.com.br
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	utua.com.br
1	assets.utua.com.br	utua.com.br
1	wizrocketmail.net	1 redirects
1	u27351811.ct.sendgrid.net	1 redirects
173	40

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
vtracy.de Amazon RSA 2048 M02	`2023-02-10` - `2023-07-19`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Frame ID: FA35015BF74CE7FE8AE3B6578B4E422D
Requests: 43 HTTP requests in this frame

Frame: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 225E94144A1ADD2F21D36AF34E54B2FC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs
Frame ID: 015FD24EB164E2856D1FAEBEF5A8FDC1
Requests: 12 HTTP requests in this frame

Frame: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9775107CA977FA9451810ED078EBF0D4
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnLfp2wEwAQ&v=APEucNWfd8BxYe34HFUlH6AWvy1svBETo7I9HzOR5eja3BqbguV-cvZwjDPH7pNBFWv1uIcMKW8gwVZ9zc-mTMLKRGkZ2dwATUgT5FiCozhBf2Ju3GWriHkZFSASfYbqcJZKuxucubEZhXIpJLLa_XbU8k_3c24RBT7g17IhyXgY3500frBLyu0
Frame ID: E1D6D3754970D64FF24547557798F65C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2C298BE63CAAD7A1EB16430D1BF9995
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2700942B9F79C6686517C12F2A8D3A80
Requests: 2 HTTP requests in this frame

Frame: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6893627D221726B72A8B1804AFB11180
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYpLfp2wEwAQ&v=APEucNVYX7NEc3G4bjRAW5JGcmxEjP_AvO1F-0iRDu7JWEvIVSRB1fy7XIZxAXHz5J4LfE4dDJn1n-bk9JkZ7L6WQwvmTOIuP1OwNdJnIlJs-oiTjEjLCVYXcIJTYfXo8WEBHp1OGjb6kl2g5GohnmhWXnyQwtCYPB0TWIRtbU-u7TToBGJuEAI
Frame ID: BA5426575BE92778EE8593E30132C6A6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 774090A086B3B142FBD54F576AD8FF81
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5274390906469779943/index.html
Frame ID: C55A4A8C78D65F99B2C49548D0F9A719
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18402199775506297603/index.html
Frame ID: C7927FDA718EFB76CE70FDC977A1FFF2
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F1BA2AEECFF6EFCC5D60ABF4BB043423
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs
Frame ID: E10A826DD565B638CF1ADCB8323CA367
Requests: 11 HTTP requests in this frame

Frame: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 76B00387033FDF9D8E475AE79002B427
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1091AD63CA0075DCE9BE99D6B2426593
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2717B58CAEC3F28C2915BD69F386B8C0
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

¡Descubre la tarjeta de crédito Joven Mastercard Bancolombia! - Utua

Page URL History Show full URLs

https://u27351811.ct.sendgrid.net/ls/click?upn=wAUmXK1yGbfFAd4rxjE6-2FNef-2BXJR-2FCqgjldu9ZFRSpPwRej9HB-2F5Xef... HTTP 302
https://wizrocketmail.net/r?e=Kw0FGR8FBgx6EWR9DSZlcgUHAwwpJCw8KSQsfAsHBgZvJhILJD8hOFtfX2s0NT0gPj8SC04B... HTTP 302
https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

173
Requests

92 %
HTTPS

55 %
IPv6

28
Domains

40
Subdomains

29
IPs

6
Countries

1675 kB
Transfer

4254 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u27351811.ct.sendgrid.net/ls/click?upn=wAUmXK1yGbfFAd4rxjE6-2FNef-2BXJR-2FCqgjldu9ZFRSpPwRej9HB-2F5XefdsiVr633DJkdZ5DjRadlFzszG3t3Hvj6iWXViPmMM4aVETR4mROPfyw95Rc30Xhrr9YMwAygRbinBQyhw-2By-2BTY7xwk3ADBMAPBVK1Sd2AH5-2F8KvqSuWqBF7gXgyTkf9j5IRwNmX-2FgY-2FblOG3UIIiPa82ossZjIGg4WAAEq-2BHRA0belPLjm7x4qa1D6qG0GwxFTvSp3g0l4oYG-2Fr-2BZxeT9D2h-2Bqv3gYV3Qc3lNfk5LiMs3bDR4bzQ2nyTaXKr7T5QkDGu3ihssjbIbt0TOHvq5WZrkDtI9bIyAClotdDI9TIOEMCUFDkJ150Es7P2S-2Bdonw-2B9-2F5JI0vVV5K09YhiL1w49iK4wzmEKwafump0CsP7Hc-2B1FU-2FaKE9erSQ4oKZnmUAUjSPH6vmxf8mZqnh9jjoSA-2BDYNJGVmOv182IU-2FEQHRgHVaU-2FoghGMAfK8-2B64eYXtHWoRnz7qWRJ8Ux4nByg7EyQJmrVRwyIX9jTOCSZnjh6YuOqVZ55bidXSs1DMr4IPlacgSzQGaKMjIZDV8l0yDjtWZVeLTczLk1N8cTCY6-2FjLIiFAbR1ALRKt-2BaPhgaNQNW4P377OGjJTbbENf-2Bsq7HWefEacPL5tEU0XwzRLrqgPCMuWV5Ma7tkzizqdFALXxZbfGalZrjsya0WUeuFFiFmopdsi2s3jQlpfxxc-2FNqjgjNp5PFKoSdzA3kN5kLDO0TV2p8D8SJPzH4ccVA9QwDl0nVzBe0ZZJtSbg2JFd9SGZg0e87hUEcjRSpVt54O4B3TSokDiRdY_pL6dJiGpIhIR8cnkSzxLohfL0x-2B-2F0IhHokKGsKG1qgPNdzDwaIvb-2BOc85DZDC1GXt1zEyh5G0rnI6Hd1qzhyP60-2FA7fBuoum7Mq8912aJpMdoIhWY51xs58fU9Z5bi2DgYDc-2FNWkXT6us6BE34vw8GXwgF0sFKHLJwD4yEv-2B-2B8F75s7OGOer0t1O9SoMXqH7lY8Hz9zE7aVTr1JsjyeXGCzH-2F21U9L9moK-2FyigjmuvLHaHWqjvzAFDgSnM85fQfoG5WyprTH-2B8BmQeRzVOQIhKV1wdr4udG7yP-2FKgatXDEUUTTPmqeiGeTDVVyWQ4X8-2Bgh4avPmN71giMab-2FTj7YtuIsRMsMdlmHNidS0Srgmh31Xp6aDALaCU-2BkwFOp4DUI2s6LVfY4yy-2Frqj888Eao8Nn1g6mUBC6KpH8tzaTcT-2F10z51w2bg-2FLL0iP9kvPuo5ZxV4tmzxCJTG36rCJzop7jtNuyqLsbI8OSpAod2Bjxo-3D HTTP 302
https://wizrocketmail.net/r?e=Kw0FGR8FBgx6EWR9DSZlcgUHAwwpJCw8KSQsfAsHBgZvJhILJD8hOFtfX2s0NT0gPj8SC04BTVEhPzw%2FKxQ9P1tWWFc2LjskOXoRJ1tTWlEzJilpICAgIG1ZVRZteGN9YG9gfQABCAIIaGJ5ZGpgegYSHRYgICAgCCo7PV1EEw51DDM5Pjs8PxJyE0k%3D&r=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05%26an_uid%3D91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a&c=655716960&token=GlJWBgJRBQMHBg%3D%3D&try=1&$follow_redirect=true HTTP 302
https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnd-_iA2ylrQvK5g1ZRyYM&google_cver=1

Request Chain 56

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.zapJ8BCN.Y6t0NJFJ45gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnd-_iA2ylrQvK5g1ZRyYM&google_cver=1&google_hm=2

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-U79u-Wx50Lfu4_QZeWqU&google_cver=1

Request Chain 58

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxMjI4NTQxMDkyNDQ1ODU4MQ%3D%3D

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMLn9gsnq2aPJY6UBg__OKU&google_cver=1

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEO6EN4azg91dY5lgMzD1xTs&google_cver=1

Request Chain 168

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKukP4qKXcu55L2o2VHHAwM&google_cver=1&google_push=Aa02lx_MtsLcOdFhIHWnbK04ZKPsYoGNOmUOougq0L4bgUE4SsXD6yTiTBgXTNF4tBkJrr0hYGVfsVxWLhxd6zPEqvrBGa1itJZ_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_MtsLcOdFhIHWnbK04ZKPsYoGNOmUOougq0L4bgUE4SsXD6yTiTBgXTNF4tBkJrr0hYGVfsVxWLhxd6zPEqvrBGa1itJZ_

Request Chain 169

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDyNA57-rwSoo4Ehh99xRyw&google_cver=1&google_push=Aa02lx-1at_zLG9D-BI6AlNmgZhYimHJBUpOB7mYDGT9_NCuJdMqOA4ao5Scx_rszW7tPwXG-DJIYh_OFrboJ1nVp8qjwBMkPC0b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDyNA57-rwSoo4Ehh99xRyw&google_push=Aa02lx-1at_zLG9D-BI6AlNmgZhYimHJBUpOB7mYDGT9_NCuJdMqOA4ao5Scx_rszW7tPwXG-DJIYh_OFrboJ1nVp8qjwBMkPC0b

Request Chain 170

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEODdXmY08XZpMVX6oeQNH8k&google_cver=1&google_push=Aa02lx9pRp0l18W4DY7Unwv_nYkZmy1wllQV9NCMbSgGx8wZxFbMmqeezKjKAhMhRrJgiFIO03gj_zlK9d9YOp9nz-_6YrOcQcFR HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEODdXmY08XZpMVX6oeQNH8k&google_cver=1&google_push=Aa02lx9pRp0l18W4DY7Unwv_nYkZmy1wllQV9NCMbSgGx8wZxFbMmqeezKjKAhMhRrJgiFIO03gj_zlK9d9YOp9nz-_6YrOcQcFR HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a87a6e13-82bf-4ae1-9f5d-b586cf0b1a2e HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a87a6e13-82bf-4ae1-9f5d-b586cf0b1a2e HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=53df69f2-0782-4cd6-acdd-dc9da51db38a&ssp=google&expires=30&user_group=5&bsw_param=a87a6e13-82bf-4ae1-9f5d-b586cf0b1a2e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9pRp0l18W4DY7Unwv_nYkZmy1wllQV9NCMbSgGx8wZxFbMmqeezKjKAhMhRrJgiFIO03gj_zlK9d9YOp9nz-_6YrOcQcFR&google_hm=qHpuE4K_SuGfXbWGzwsaLg==

Request Chain 171

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHERLAN0SQDPjN-aySb-EdA&google_cver=1&google_push=Aa02lx-JFvcrJRKIXBJpZn_eLY9op0bICEf9ctOwvVPGytKG1dG7frF3tbvicWAw_P8ORBtS-CHnEc39ieqjtNZ9Ev8chUMK1wc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU1UDJXU0MtUy00NUFG&google_push=Aa02lx-JFvcrJRKIXBJpZn_eLY9op0bICEf9ctOwvVPGytKG1dG7frF3tbvicWAw_P8ORBtS-CHnEc39ieqjtNZ9Ev8chUMK1wc

Request Chain 172

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO1kZwBjABUi2s5yp_A6mPw&google_cver=1&google_push=Aa02lx--IEwBYiOAldjq3NdnY17_vUVgBApfK6dd3_xYoDnbbAHUlgtc4C5CGHBYmHNT5aDN56c8XtzY1ngGIcoEr3c1371F8NeQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx--IEwBYiOAldjq3NdnY17_vUVgBApfK6dd3_xYoDnbbAHUlgtc4C5CGHBYmHNT5aDN56c8XtzY1ngGIcoEr3c1371F8NeQ

Request Chain 173

https://match.360yield.com/match/ebda?google_gid=CAESEC4UDRci5y6n-DZgwC_pfCg&google_cver=1&google_push=Aa02lx-6BBJdnusfK02FQJCC6ODAAkCL-OKIuhlMTEnVAwclAFkkbmj_yuqmrLwxOB2Sl81eYIpiaObloR0pLFgy4uBj9tow2c8j HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEC4UDRci5y6n-DZgwC_pfCg&google_cver=1&google_push=Aa02lx-6BBJdnusfK02FQJCC6ODAAkCL-OKIuhlMTEnVAwclAFkkbmj_yuqmrLwxOB2Sl81eYIpiaObloR0pLFgy4uBj9tow2c8j HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mbXam9rJTJKTF4KC6GhhKw&google_push=Aa02lx-6BBJdnusfK02FQJCC6ODAAkCL-OKIuhlMTEnVAwclAFkkbmj_yuqmrLwxOB2Sl81eYIpiaObloR0pLFgy4uBj9tow2c8j

Request Chain 174

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEt_Bm_nhJCRTwwgUao1WaU&google_cver=1&google_push=Aa02lx8LdOCvQ_cNPYwjSUVh9PJru8WbTwWxFGTxsaX1G83eVLTU7tNcHRr32Nt0LCDXwJ0eZsdZxPD6CCgz9zhe6c6JeLKqcQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8LdOCvQ_cNPYwjSUVh9PJru8WbTwWxFGTxsaX1G83eVLTU7tNcHRr32Nt0LCDXwJ0eZsdZxPD6CCgz9zhe6c6JeLKqcQ&google_gid=CAESEEt_Bm_nhJCRTwwgUao1WaU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjQ2MDI4MTA1Mjg1ODA0ODIyOTM0&google_push=Aa02lx8LdOCvQ_cNPYwjSUVh9PJru8WbTwWxFGTxsaX1G83eVLTU7tNcHRr32Nt0LCDXwJ0eZsdZxPD6CCgz9zhe6c6JeLKqcQ

173 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
utua.com.br/co-cc-mastercard-joven-bancolombia-p1/
Redirect Chain

https://u27351811.ct.sendgrid.net/ls/click?upn=wAUmXK1yGbfFAd4rxjE6-2FNef-2BXJR-2FCqgjldu9ZFRSpPwRej9HB-2F5XefdsiVr633DJkdZ5DjRadlFzszG3t3Hvj6iWXViPmMM4aVETR4mROPfyw95Rc30Xhrr9YMwAygRbinBQyhw-2By-2...
https://wizrocketmail.net/r?e=Kw0FGR8FBgx6EWR9DSZlcgUHAwwpJCw8KSQsfAsHBgZvJhILJD8hOFtfX2s0NT0gPj8SC04BTVEhPzw%2FKxQ9P1tWWFc2LjskOXoRJ1tTWlEzJilpICAgIG1ZVRZteGN9YG9gfQABCAIIaGJ5ZGpgegYSHRYgICAgCCo7P...
https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-c...

58 KB
14 KB

220ms
74ms

Document
text/html

2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 714b746c7741b2cb5ba8c41418a9a4911865469acf199e87ec9084bb66dfc572

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=300
cf-apo-via: tcache
cf-cache-status: HIT
cf-edge-cache: cache,platform=wordpress
cf-ray: 799e4e1928cf9b8f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 Feb 2023 13:14:10 GMT
last-modified: Wed, 15 Feb 2023 13:13:44 GMT
link: <https://utua.com.br/wp-json/>; rel="https://api.w.org/", <https://utua.com.br/wp-json/wp/v2/posts/19350>; rel="alternate"; type="application/json", <https://utua.com.br/?p=19350>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-cloud-trace-context: 9feab7502c4ac791aaabac4e7f134296
x-powered-by: PHP/7.4.33

Redirect headers

Cache-Control: no-cache, no-store no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 15 Feb 2023 13:14:10 GMT
Expires: 0
Location: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Pragma: no-cache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 8TD8G9Kf_c2K3KAsITpNKRFmG0MUKVIA9_fwOf5b983ZId4Xoftuhw==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
X-Frame-Options: SAMEORIGIN

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 315ms
152ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234342f99e9b426acf9b05f6b37f76ddff422d604137b981f39ea5cd8fcd8970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26559
x-xss-protection: 0
server: sffe
etag: "1483 / 101 of 1000 / last-modified: 1676462809"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Feb 2023 13:14:11 GMT

GET
H2 200 child_units_sra_2.js Show response
utua.com.br/wp-content/themes/clean-n-beauty-theme/js/ 3 KB
1 KB 17ms
15ms Script
application/javascript 2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/js/child_units_sra_2.js?38838
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514e33a20146956debf71b86d3e3184da175e2d15085e3d5512400b3f6abe99f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 1665
cf-polished: origSize=4251
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 10 Feb 2023 20:24:13 GMT
server: cloudflare
etag: W/"109b-5f45e47d81540-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: b77236ebbf5298ca2e0321fbd1b3a936
cache-control: private, max-age=300
cf-ray: 799e4e1a6ac69b8f-FRA

GET
H2 200 style.post.css
utua.com.br/wp-content/themes/clean-n-beauty-theme/ 19 KB
5 KB 197ms
194ms Stylesheet
text/css 2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utua.com.br/wp-content/themes/clean-n-beauty-theme/style.post.css?ver=15022023101344
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12534d0ea8394e763ec801b7dffd99cd0ebadaeb497fa885df6487b51ac13dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Feb 2023 20:24:13 GMT
server: cloudflare
etag: W/"4a57-5f45e47d81540-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 008d5424ccd4dc50e5af70013fd0bc28
cache-control: private, max-age=300
cf-ray: 799e4e1a6ac39b8f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 a5c666ac-favicon2.png
bucket.utua.com.br/img/2022/03/ 872 B
1 KB 330ms
15ms Image
image/webp 2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2022/03/a5c666ac-favicon2.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691171b5764dfbadde30c21093afb347c83532080d764d8b1396a133f6828a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
cf-cache-status: HIT
age: 9858
cf-polished: origFmt=png, origSize=2144
x-guploader-uploadid: ADPycdtMx8X-o1r2xzg_TH6Zvi_wnLAJpc6MvNV_IYe0Iwwu5CVHypUFywDTLMs2VLnPhyMiimbMNMVb12g3ZcLXs8ivqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 15313
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="a5c666ac-favicon2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 872
x-goog-meta-height: 84
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Mar 2022 21:28:10 GMT
server: cloudflare
etag: "56f4936cc0ce436c0195325de8e378f0"
vary: Accept
x-goog-generation: 1646861290115134
content-type: image/webp
x-goog-hash: crc32c=gNU6mw==, md5=VvSTbMDOQ2wBlTJd6ON48A==
x-goog-meta-width: 85
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 6002bbb2892984438019950df995e524
x-goog-stored-content-length: 2144
accept-ranges: bytes
cf-ray: 799e4e1c7e0b9b8f-FRA
x-goog-meta-size: __full
expires: Wed, 15 Feb 2023 03:30:39 GMT

GET
H2 200 7a77efa6-design-sem-nome-21-1-442x332.png
bucket.utua.com.br/img/2022/06/ 34 KB
34 KB 1035ms
721ms Image
image/png 2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.utua.com.br/img/2022/06/7a77efa6-design-sem-nome-21-1-442x332.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 459aab616bac008bdd5abfe7cbad337fabefb3ed69ecc9596c85606a4719ee55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvWDBgwqrk7iYtIAqUJbxeHwWDA_7cbfGeSICUTYO47pMdtIycA1zUYSL8Qtt3OmRtrz8u_MtWsMgae4lIX7kKv6OKOQy0t
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34367
x-goog-meta-height: 332
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 21 Jun 2022 21:35:35 GMT
x-goog-meta-child-of: 19344
server: cloudflare
etag: "2c8fafcb416044b84e1def6c6adeb918"
vary: Accept-Encoding
x-goog-generation: 1655847335373532
content-type: image/png
x-goog-hash: crc32c=SWb8bg==, md5=LI+vy0FgRLhOHe9sat65GA==
x-goog-meta-width: 442
cache-control: public, max-age=36000, must-revalidate
x-goog-stored-content-length: 34367
accept-ranges: bytes
cf-ray: 799e4e1c7e099b8f-FRA
x-goog-meta-size: img-442
expires: Wed, 15 Feb 2023 23:14:11 GMT

GET
H2 200 safe-browsing-google.png
assets.utua.com.br/img/ 4 KB
4 KB 40ms
18ms Image
image/webp 2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.utua.com.br/img/safe-browsing-google.png
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0635efaaa86b7f2e4f4d99de4befba4b9df2e518793de7c4d63e2a0aa96ee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:10 GMT
cf-cache-status: HIT
age: 404
cf-polished: origFmt=png, origSize=4226
content-disposition: inline; filename="safe-browsing-google.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3638
cf-bgj: imgq:85,h2pri
last-modified: Thu, 10 Nov 2022 21:03:58 GMT
server: cloudflare
etag: "1afb2bf5399168578cbd999fea6bfb08"
vary: Accept
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 799e4e1aab109b8f-FRA

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 61ms
39ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05&an_uid=91f682cc89aa25de4520bc3069c3bc36eb10c2e29fee40c7fd9242b1e9c63f4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://utua.com.br/
Origin: https://utua.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 799e4e1aa8239b4b-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
79 KB 145ms
50ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63a1874391cb6b2987261693f38fa464265244115052ae393f367ca02ce4bf78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80302
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Feb 2023 13:14:11 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
utua.com.br/fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 31ms
31ms Font
font/woff2 2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05
Origin: https://utua.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 409279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 799e4e1b9b963a97-FRA
timing-allow-origin: *
expires: Sun, 04 Feb 2024 04:22:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
77 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3e9bee6fbe437578b60de04b86f837e700691fa22c351b1d008a95285a832d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78836
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 13:14:11 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 67ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je32d0&_p=351851535&_gaz=1&cid=887983087.1676466851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676466851&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&dt=%C2%A1Descubre%20la%20tarjeta%20de%20cr%C3%A9dito%20Joven%20Mastercard%20Bancolombia!%20-%20Utua&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 56ms
18ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y1WZWFMSQF&cid=887983087.1676466851&gtm=45je32d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 163ms
65ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y1WZWFMSQF&cid=887983087.1676466851&gtm=45je32d0&aip=1&z=2141572799

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 57ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je32d0&_p=351851535&cid=887983087.1676466851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676466851&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&dt=%C2%A1Descubre%20la%20tarjeta%20de%20cr%C3%A9dito%20Joven%20Mastercard%20Bancolombia!%20-%20Utua&en=scroll&_c=1&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023021501.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
129 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21383a108fc0f4840b90610def8622f8af1fde2c2833693d61a1f91c075d25d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132205
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 09:35:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Feb 2024 11:44:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 812 B
405 B 176ms
80ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59153e64bb0b45161c933334f58e73a8d454da8c5b7119c4ea257a874bce0c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 380
x-xss-protection: 0
expires: Wed, 15 Feb 2023 13:14:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 230ms
75ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 142ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 579ms
579ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048269896119811&correlator=3640011839865134&eid=31072119%2C31072498%2C31072427&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C728x90%7C970x90%7C970x250%7C970x280%7C980x90%7C980x120&fluid=height&ifi=1&adks=3055829479&sfv=1-0-40&eri=1&cust_params=request_uri%3D%252Fco-cc-mastercard-joven-bancolombia-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05%26placement%3Ddirect%26hour%3D13%26dayshifts%3Dmorning&sc=1&cookie_enabled=1&abxe=1&dt=1676466851540&lmt=1676466824&dlt=1676466850939&idt=549&adxs=436&adys=78&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&frm=20&vis=1&psz=1600x168&msz=1600x90&fws=4&ohw=1600&ga_vid=887983087.1676466851&ga_sid=1676466852&ga_hid=351851535&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c087ecc475b5dc2cb0326013518b30c2829dc7a1f079a6aa687d93bebf11dbde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11397
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
7 KB 1299ms
1298ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048269896119811&correlator=3899946712745122&eid=31072119%2C31072498%2C31072427&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_content&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C250x250%7C300x250%7C336x280%7C480x320%7C728x90&fluid=height&ifi=2&adks=454338126&sfv=1-0-40&eri=1&cust_params=request_uri%3D%252Fco-cc-mastercard-joven-bancolombia-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05%26placement%3Ddirect%26hour%3D13%26dayshifts%3Dmorning&sc=1&cookie_enabled=1&abxe=1&dt=1676466851549&lmt=1676466824&dlt=1676466850939&idt=549&adxs=500&adys=850&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&frm=20&vis=1&psz=730x0&msz=730x0&fws=4&ohw=1600&ga_vid=887983087.1676466851&ga_sid=1676466852&ga_hid=351851535&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5b068397e59b9229c364046f32004307172f6ba641a020fea3446444a4f485e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6665
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
7 KB 789ms
788ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048269896119811&correlator=1316474236073097&eid=31072119%2C31072498%2C31072427&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x600&fluid=height&ifi=3&adks=104307128&sfv=1-0-40&eri=1&cust_params=request_uri%3D%252Fco-cc-mastercard-joven-bancolombia-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05%26placement%3Ddirect%26hour%3D13%26dayshifts%3Dmorning&sc=1&cookie_enabled=1&abxe=1&dt=1676466851553&lmt=1676466824&dlt=1676466850939&idt=549&adxs=1134&adys=366&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&frm=20&vis=1&psz=338x25&msz=328x0&fws=4&ohw=1600&ga_vid=887983087.1676466851&ga_sid=1676466852&ga_hid=351851535&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d748e170b4b5ec22221854e17093181a0eab963f555f1eb970082694525eae63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6658
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 225E 6 KB
3 KB 510ms
80ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:14:12 GMT
expires: Thu, 15 Feb 2024 13:14:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 218ms
96ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e2864515b9dba355fe89ae860fae8902726d3423e0d06fe19364c117caa299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11323
x-xss-protection: 0

POST
H3 204 rum Show response
utua.com.br/cdn-cgi/ 0
138 B 10ms
9ms XHR
text/plain 2606:4700:10::6816:229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utua.com.br/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:229 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
content-type: application/json

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://utua.com.br
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 799e4e219cbf3a97-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
36ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T48CH8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 12:54:48 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1164
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 15 Feb 2023 14:54:48 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame 015F 222 KB
61 KB 167ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Feb 2023 20:58:04 GMT
age: 58568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Feb 2024 20:58:04 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 015F 15 KB
5 KB 227ms
100ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 18:09:23 GMT
age: 155089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Feb 2024 18:09:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 015F 94 KB
28 KB 230ms
103ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 06:48:01 GMT
age: 23171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 06:48:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 015F 5 KB
2 KB 243ms
117ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 18:09:23 GMT
age: 155089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Feb 2024 18:09:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 015F 40 KB
13 KB 243ms
118ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 19:18:01 GMT
age: 150971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Feb 2024 19:18:01 GMT

GET
DATA 200
OK truncated
/ Frame 015F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3292cacc4fc243813ee2bbaebde4c96c247527bac6fd7f04920b8703787cf664

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5190340142252145860
tpc.googlesyndication.com/simgad/ Frame 015F 6 KB
6 KB 181ms
50ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5190340142252145860?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnKH0SnokzXrsenYlGCd3rvwbQOEA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a91763606a49a7826e7b43cbcc8133b731ba3ee1988e2cc248d64bfaf5c553c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 02:55:03 GMT
x-content-type-options: nosniff
age: 209949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5800
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 10:23:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Feb 2024 02:55:03 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 015F 3 KB
3 KB 180ms
48ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:11:59 GMT
x-content-type-options: nosniff
server: cafe
age: 133
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
expires: Thu, 16 Feb 2023 13:11:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 015F 295 B
398 B 180ms
49ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:28:34 GMT
x-content-type-options: nosniff
server: cafe
age: 9938
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 16 Feb 2023 10:28:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 015F 0
0 90ms
90ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ci690o9rsY7eLJbKs9u8P1-Oi4AXDs4r7burbxqmYEejQ74CZAhABIJ_O9n1gleKQgqAHoAHckpuZKMgBAuACAKgDAcgDCKoE-wFP0DU9g--N4uOTgOkvGfeo3vPwmhbqPQq2QVJ6sPhlpJbP50zLny1KCmDE7c_Bw9J0MJ-H9rQeTkNxMN-TtwsNgOdT3-Mpfow-XleR_YlQBkaSJuW2YoFrtpnNTxXB_j7RDrDBBRbzxokq3BDnuTK_8QDmg6BKaTPsIbnIw7RnpF7tvpgXXBmNwsQJMnT3VDY4zHGUh3ceFyu-0rgYL5OHxBGFbFO-vRUj9SMvOlA3tbsw5np_uSr5QCg5cll2uHzPK3YJfR4-NxfID0EsxpJasjfSr-N86VYL0l90v2dqoa5Divgk7MrR1MO7IZXFCndOao0xV9hs06FFQ8AE0Nj7lrkE4AQBkgUECAQYAZIFBAgFGASgBgKAB9zK6_gCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ2oruAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTE3NTcwNjQ3MjM5MTc5OTkYmYF0&sigh=DyPnE7E50rU&uach_m=[UACH]&cid=CAQSSwDUE5ymgoopdu_uaPsnFAx7PgSSvrGthFUqG_wiEQ8vKNBSouGULaxKC4KTe7vLmIt_uhKpQwb54XDPuLLIQYU3MJUUcH2Ydg76oBgB
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 19ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je32d0&_p=351851535&cid=887983087.1676466851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=3&sid=1676466851&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&dt=%C2%A1Descubre%20la%20tarjeta%20de%20cr%C3%A9dito%20Joven%20Mastercard%20Bancolombia!%20-%20Utua&en=ad_impression&_c=1&ep.query_id=CPfoq9nNl_0CFTKW_Qcd17EIXA&_et=847
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-146231564-5&cid=887983087.1676466851&jid=1775127386&gjid=1158175155&_gid=2067386667.1676466852&_u=YCDAiEABBAAAAEAAI~&z=438719854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://utua.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 37ms
35ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=351851535&t=pageview&_s=1&dl=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&ul=en-us&de=UTF-8&dt=%C2%A1Descubre%20la%20tarjeta%20de%20cr%C3%A9dito%20Joven%20Mastercard%20Bancolombia!%20-%20Utua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAAAAAI~&jid=1775127386&gjid=1158175155&cid=887983087.1676466851&tid=UA-146231564-5&_gid=2067386667.1676466852&gtm=45He32d0n81T48CH8D&z=442564845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 21:06:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58077
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 143ms
62ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-146231564-5&cid=887983087.1676466851&jid=1775127386&_u=YCDAiEABBAAAAEAAI~&z=1865645151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 66ms
65ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-146231564-5&cid=887983087.1676466851&jid=1775127386&_u=YCDAiEABBAAAAEAAI~&z=1865645151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 101ms
101ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 13:14:12 GMT

GET
H2 200 container.html Show response
ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9775 6 KB
3 KB 49ms
47ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:14:12 GMT
expires: Thu, 15 Feb 2024 13:14:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 20ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je32d0&_p=351851535&cid=887983087.1676466851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=4&sid=1676466851&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&dt=%C2%A1Descubre%20la%20tarjeta%20de%20cr%C3%A9dito%20Joven%20Mastercard%20Bancolombia!%20-%20Utua&en=ad_impression&_c=1&ep.query_id=CIGPrdnNl_0CFR3huwgdKZYMag&_et=180
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 015F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

97ms
55ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05
Protocol: H2
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Redirect headers

date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E1D6 624 B
391 B 165ms
79ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnLfp2wEwAQ&v=APEucNWfd8BxYe34HFUlH6AWvy1svBETo7I9HzOR5eja3BqbguV-cvZwjDPH7pNBFWv1uIcMKW8gwVZ9zc-mTMLKRGkZ2dwATUgT5FiCozhBf2Ju3GWriHkZFSASfYbqcJZKuxucubEZhXIpJLLa_XbU8k_3c24RBT7g17IhyXgY3500frBLyu0

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:14:12 GMT
expires: Wed, 15 Feb 2023 13:14:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9775 78 KB
27 KB 268ms
172ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 13:14:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9775 42 B
63 B 182ms
87ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNmP6RkZ5rjlT0EY0Qc3nstRb7pzgO7Pyiw2BfcZSlKJ2-MzBELa3xgeK7nFOIdtGpKL7DJQ7KhG9JRIMT_jbB-Ubta35HtCL7uPOlX4hk0EmUx8c

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9775 0
20 B 175ms
79ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16125874539133598953&x=1&ct=76

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 9775 3 KB
1 KB 57ms
55ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 9775 20 KB
8 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9775 156 KB
48 KB 156ms
49ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 13:14:12 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2C2 13 KB
5 KB 50ms
50ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:30 GMT
expires: Thu, 15 Feb 2024 11:06:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2700 783 B
967 B 51ms
49ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

68774240b2f054bbb31d04eca34912f9ff2f39768f04263ce16eb7762acffe04

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vFeMZfaLiW8d9raak40CvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-vFeMZfaLiW8d9raak40CvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:14:12 GMT
expires: Wed, 15 Feb 2023 13:14:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2700 0
0 96ms
87ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021501&jk=4048269896119811&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

GET
H3 200 6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A2C2 36 KB
14 KB 55ms
48ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14458
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 06:22:13 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E1D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnd-_iA2ylrQvK5g1ZRyYM&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnd-_iA2ylrQvK5g1ZRyYM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnLfp2wEwAQ&v=APEucNWfd8BxYe34HFUlH6AWvy1svBETo7I9HzOR5eja3BqbguV-cvZwjDPH7pNBFWv1uIcMKW8gwVZ9zc-mTMLKRGkZ2dwATUgT5FiCozhBf2Ju3GWriHkZFSASfYbqcJZKuxucubEZhXIpJLLa_XbU8k_3c24RBT7g17IhyXgY3500frBLyu0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 13:14:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnd-_iA2ylrQvK5g1ZRyYM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E1D6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.zapJ8BCN.Y6t0NJFJ45gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnd-_iA2ylrQvK5g1ZRyYM&google_cver=1&google_hm=2

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnd-_iA2ylrQvK5g1ZRyYM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnLfp2wEwAQ&v=APEucNWfd8BxYe34HFUlH6AWvy1svBETo7I9HzOR5eja3BqbguV-cvZwjDPH7pNBFWv1uIcMKW8gwVZ9zc-mTMLKRGkZ2dwATUgT5FiCozhBf2Ju3GWriHkZFSASfYbqcJZKuxucubEZhXIpJLLa_XbU8k_3c24RBT7g17IhyXgY3500frBLyu0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 13:14:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEnd-_iA2ylrQvK5g1ZRyYM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E1D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-U79u-Wx50Lfu4_QZeWqU&google_cver=1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL-U79u-Wx50Lfu4_QZeWqU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYnLfp2wEwAQ&v=APEucNWfd8BxYe34HFUlH6AWvy1svBETo7I9HzOR5eja3BqbguV-cvZwjDPH7pNBFWv1uIcMKW8gwVZ9zc-mTMLKRGkZ2dwATUgT5FiCozhBf2Ju3GWriHkZFSASfYbqcJZKuxucubEZhXIpJLLa_XbU8k_3c24RBT7g17IhyXgY3500frBLyu0

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 13:14:12 GMT
AN-X-Request-Uuid: d54d1e12-e736-4ad6-ada8-36c1869fa95a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL-U79u-Wx50Lfu4_QZeWqU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E1D6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxMjI4NTQxMDkyNDQ1ODU4MQ%3D%3D

170 B
409 B

68ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxMjI4NTQxMDkyNDQ1ODU4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 15 Feb 2023 13:14:12 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 42b89f76-d11c-4bc2-a79a-a7f9617970c6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxMjI4NTQxMDkyNDQ1ODU4MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A2C2 0
10 B 52ms
52ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rWlEPQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9775 0
20 B 79ms
78ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1440277597100&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9775 0
20 B 79ms
79ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1440277597100&version=m202301230201&ct=76&x=1&cor=16125874539133600000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9775 82 KB
35 KB 78ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyIY1ZQP0ToXvjlsT0_93lTAyWBP-KwjCg4xcxMRMxvBIQ8FChDPonat7dvkoZRLAMdM0vjHeqPiurFqruJiruTrw9_g&cry=1&dbm_d=AKAmf-AeOZW71hZG-jeg8_wyYRGpdHJi200I01R0I98R7_wIgJmGHuOtHn_VrT2znRvQqVzQl1dl88mjlIyht8fR_xpH5RBoTONF_l-I9B4lW_tuGOq1jfc06JFEBLvW0bI7L08Zy-OZ95DRCuqFmOR2VaLIhZhVgB1ZXBf5TKgf5Sdz_c3vYyF9anjOkWtOGyPY2xcoeN_NV5FLgPwf9d4junIS2neziu7Abio93LvWRUfbQVAlj0uGAWJLHXAYm9OY8axG7rO-gczbdcJAKy-rOXoO5U7mtHiNocwCoIvisuxdv1HU2oPnKvgXa9q4ub4xrcV_rmAA_g908Kcd9K3nZiAIzMa-j4BZNgiGCPWL-qQ-6Y0fiYekrWnXtXK8lLvRjsHggYBfz-TKg0KFhXlZKyyYzOaAELLeTeb5WGCvy85Z2n960AZwyLvHg_Hq01rKretHEJQZqkymMoksFXpLNSUJHbOf4s0QXVKs71aTWUA6faBzIAKNUWrKW1VHoEfhOk8P1BETeXjreO_l4QYr_jr8niUjcAAcDiTJVxfINpUeSt79D5aV0ZsBSi85gW-QETVsK4B2Zqhzl3UBKjQ8koNycadrzzVsFpyMAStRobqD1nwjZJGQ6yH_99Ee42wFY3e-HEFX6-PFtIRKXhq20Hu50Ve6vOLg6KwXBHuiAkDsr9FxIBcQnFK3C4fAwVlpsRrS_2KSZJ_jawZLZDO3of_Oa7CF9DoKb62aPpEas4H4bt3FO06sq95VZQEKyippUv0v3K8KseYvrvHq1mAG_XRLzNpmgDEaQYJBPpy5Pqfp0K7Cl_YNUWx6YEm692dpIu6OG91hkzjB21JwucywdE0RY8-Fm9IlZOBNt3MymiADgNLAVibGbhLhU4EswwbLZqbRKPwXW8Pj7OUvJJuhMTK4VzRZfgpeSIj5UEOoj2Q9aztPdFOE_nApGic6PiadOumZ3N-5ofbyycoLoHzf2zZ0X2GUkzHi4p3jrGhRrdkTN0R5kgE8micWC6DJ44Dj4BlOkT7DbSV3WFmhO0kkaRkWDoFB2IPS8mqTxPtAwCzmSeUYVj4Dwls6onMM4RE3hNkwAL-4nZzW-XDB_39uzrxRQl6N7fl0FYTYtNwRxonCPEiKr2JcbcvzBcBK0sBbedFQRnTvfWpHEtkemqnQ2j7TcEPATRvHgrykf3RPoz0RxG59Tl9C1OmHbp4_Xc5fErhn2NIlP8VSA2t_aetZL9sPDIN5TWV9Xsi8wZqY_hLTGyHXq_oe7OGjjuCeAqK-7Az9TxZz05UY930smEiqCEllyrkITQfD7ckis1VUMCN--X7PjPdQJufXxUrm8F2VaEG_fc4s7KuD4SS6i6KAJQ35Wdx2onhtnFov09ImgXh3x71LnCUktuOsvYpIYWlmWoo2QsA-A_imA8IHe0VXwqblBPYgqp5fZQMzpHDmaAPOwE9IpzdpHZoMCFF_A0M0Y0m7OR5bdQI9t9yZRxMM7F3uFQWBx4XGd9f_MOc7RW3iIkIwVkoqAI7Gq5pytThjQs9VpxPXPbJTojAp4k99lBAMTp5mAtHKguT0rZJqG_uBsOYz9PSmqydKtQbhCbkibtvA1kEPuUnq0XyA6SEotadC2VO7KiDs-rYQXlKJa4tg1ZGN9tPzrAEv2Bn55Zhj3rjx1RDC92SEMrrhOeiQTKlaUYVTzOQiYPFb7zNuwZkuOp37CTF17dF13L6AQQLl3PyXdeIrRhLsr_nEEvZy2Noka86JS9Yq-aLIJhOb9CFlpouHt8NSxh8_QrY0FuJuKV-PcZih2x3BOvMZl9lIhVAnXZQkHb8sog3RnwSb7_f9M5ZmZyxdgIpAyhuWLXgiqjYGro43phYvKDypSNFPoQ5qmhlLEqjKlnR-OvrooyYpU_KP6Wya7fNI5-aNrsXpAxTxMWySabM4aNEjTtjpIuxk8BrGjD7WH5rT33Xe1iLEPpGqXGPisIOf2pat4cq1IAJxE500Enj5spZRun9TOFTbcECqDN2AE7IVzZX1KVQVpXlQcr-PPMecGlE3fp_GgjWnb7naQ-eFb8EdnXjrvTBcNUhD0ddyFxO0ET3_ZEvJURW9yS28mPWZ7LPesvgVa4Z9SWd9XQNFddWhZ-SQZ1iM9VPq6EIWFSReHzKrrIFT8LN9i72Stm4Z9yRbDrtkybY4XmP0s8jWjZt7sY1mbo9NE8-LOYSPbyrWwvGsmYUHt8-9NEmNCH9vJwDPEMgpD4c-Iz0XgJY1xATTLy73TFL7eoOhFbdHeM64lG34yBASKtrObUUSn5eJqrHf6DsSey3VhASAECbh-3-Og0IJkFUrgqiRcBB5pWjJsyWZm8Q9My1I9ZkMCueieH6pPoosi4JFBbbHjpQ24e26nt08JP6wuGeMNxNaK7IgaAbZof6YhGHpdgal9EJKvpTs8Bhta8nA95dg2KY3sKttRUyRWwSgBXyYxQlViUzk69yIZyoNp6Ou8QPDaFWIfgMZJ9yzr4nL_UKteP26v60yCdpns0nzreaKdwJxuB7Qps2_J3b3DvJDBKfxPjm-uil5-i20RkIOlDrQmcXNZU_XQa84FMRgSXGRQoZv0XULfmOlsgLJgi-rRkxxjO7NKSYITBBny4b5Xfw6sxszAbV0ZhTVJS4THX4CZjmnk-BrNtZvWhTyzwFihqd7WQG9xYs1NB-aHn6gy8NVnVA1JOhxIJZkksi6U4XldOYsHzNydV61o1E9cxrKq7crmHVRSDVnJ1uKJS_M-po-X745BT37UYjrjs3m23pShFXUIisJNMfj42fHaOWPMjnB1DeQOIMFlYDtKACNGvnclToMVHHq5IrEArPKo3t4NSbO52HWpWwjaLgXChep27T7SAZOat8Qom9R7aReYo56yjctx_6sm4GO4t_-09P3JJlWnf8mluYJoquAxtFLUun0l32qwtcO7LHilQYvoLIytPtTnZjP9Ue7pY7yFCDZ-qdbZSAVf0eMEIUlIuo_YuCmNScyP3Pi4vLZ8mOIlP0wgvnH1lsZcXmN2aIRL7eBFxIQiTmG0miOBjBnRXpvXkJloX863Tu3uhj0MrT1dUvBMI7MDggx335yVQwhI74LJT5QMnfZBLG782TCUWzk_dsPQcWxFcLxMDMJ-7m1SiUsJ6dDGsfWHX0ixyqcXUJWuT3LDJMY8rigyFbCnHQjxnt1JEUFNBcQmSacQLekAzCo_4tHH2Iw6RAsNgeV2HaWFcYJzDZk2yGVPhpDJ1HpngNV2ygWmI3cENWW6_NaUa-3LEIkAGpS1ykZB2zu0HnDCf0ra1IOq8P3cb0BJqMZTfjV9ZLGX6Aboaa0IMLHqCXnvPwDPwo3UtNMZcO7zQgJEr1p5VH1kwoT7lTYPHWjrrSyr3GAFPL7kAf7Ez2eaPq0&cid=CAQSTADUE5ymJT7BPyxjLkO3tdZLCWSIFwPb54kV_4YJ-bq5JnabbS_SdQ-t103lAdSxBfbGXCvHzQoGuGeXPZCvlAsp5jqQgkq2n6SBmygYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=16125874539133600000&adk=2923430907&idt=286&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c138b956d5a563813d9da1839c93ac6cb2eb37e84230f2d2b96565e072607b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35223
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6893 6 KB
3 KB 48ms
48ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:14:12 GMT
expires: Thu, 15 Feb 2024 13:14:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 20ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je32d0&_p=351851535&cid=887983087.1676466851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=5&sid=1676466851&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&dt=%C2%A1Descubre%20la%20tarjeta%20de%20cr%C3%A9dito%20Joven%20Mastercard%20Bancolombia!%20-%20Utua&en=ad_impression&_c=1&ep.query_id=CNXVq9nNl_0CFTfHuwgd2CMNlQ&_et=501
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9775 106 KB
37 KB 170ms
38ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Origin: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 23:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 23:10:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame 9775 8 KB
3 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyIY1ZQP0ToXvjlsT0_93lTAyWBP-KwjCg4xcxMRMxvBIQ8FChDPonat7dvkoZRLAMdM0vjHeqPiurFqruJiruTrw9_g&cry=1&dbm_d=AKAmf-AeOZW71hZG-jeg8_wyYRGpdHJi200I01R0I98R7_wIgJmGHuOtHn_VrT2znRvQqVzQl1dl88mjlIyht8fR_xpH5RBoTONF_l-I9B4lW_tuGOq1jfc06JFEBLvW0bI7L08Zy-OZ95DRCuqFmOR2VaLIhZhVgB1ZXBf5TKgf5Sdz_c3vYyF9anjOkWtOGyPY2xcoeN_NV5FLgPwf9d4junIS2neziu7Abio93LvWRUfbQVAlj0uGAWJLHXAYm9OY8axG7rO-gczbdcJAKy-rOXoO5U7mtHiNocwCoIvisuxdv1HU2oPnKvgXa9q4ub4xrcV_rmAA_g908Kcd9K3nZiAIzMa-j4BZNgiGCPWL-qQ-6Y0fiYekrWnXtXK8lLvRjsHggYBfz-TKg0KFhXlZKyyYzOaAELLeTeb5WGCvy85Z2n960AZwyLvHg_Hq01rKretHEJQZqkymMoksFXpLNSUJHbOf4s0QXVKs71aTWUA6faBzIAKNUWrKW1VHoEfhOk8P1BETeXjreO_l4QYr_jr8niUjcAAcDiTJVxfINpUeSt79D5aV0ZsBSi85gW-QETVsK4B2Zqhzl3UBKjQ8koNycadrzzVsFpyMAStRobqD1nwjZJGQ6yH_99Ee42wFY3e-HEFX6-PFtIRKXhq20Hu50Ve6vOLg6KwXBHuiAkDsr9FxIBcQnFK3C4fAwVlpsRrS_2KSZJ_jawZLZDO3of_Oa7CF9DoKb62aPpEas4H4bt3FO06sq95VZQEKyippUv0v3K8KseYvrvHq1mAG_XRLzNpmgDEaQYJBPpy5Pqfp0K7Cl_YNUWx6YEm692dpIu6OG91hkzjB21JwucywdE0RY8-Fm9IlZOBNt3MymiADgNLAVibGbhLhU4EswwbLZqbRKPwXW8Pj7OUvJJuhMTK4VzRZfgpeSIj5UEOoj2Q9aztPdFOE_nApGic6PiadOumZ3N-5ofbyycoLoHzf2zZ0X2GUkzHi4p3jrGhRrdkTN0R5kgE8micWC6DJ44Dj4BlOkT7DbSV3WFmhO0kkaRkWDoFB2IPS8mqTxPtAwCzmSeUYVj4Dwls6onMM4RE3hNkwAL-4nZzW-XDB_39uzrxRQl6N7fl0FYTYtNwRxonCPEiKr2JcbcvzBcBK0sBbedFQRnTvfWpHEtkemqnQ2j7TcEPATRvHgrykf3RPoz0RxG59Tl9C1OmHbp4_Xc5fErhn2NIlP8VSA2t_aetZL9sPDIN5TWV9Xsi8wZqY_hLTGyHXq_oe7OGjjuCeAqK-7Az9TxZz05UY930smEiqCEllyrkITQfD7ckis1VUMCN--X7PjPdQJufXxUrm8F2VaEG_fc4s7KuD4SS6i6KAJQ35Wdx2onhtnFov09ImgXh3x71LnCUktuOsvYpIYWlmWoo2QsA-A_imA8IHe0VXwqblBPYgqp5fZQMzpHDmaAPOwE9IpzdpHZoMCFF_A0M0Y0m7OR5bdQI9t9yZRxMM7F3uFQWBx4XGd9f_MOc7RW3iIkIwVkoqAI7Gq5pytThjQs9VpxPXPbJTojAp4k99lBAMTp5mAtHKguT0rZJqG_uBsOYz9PSmqydKtQbhCbkibtvA1kEPuUnq0XyA6SEotadC2VO7KiDs-rYQXlKJa4tg1ZGN9tPzrAEv2Bn55Zhj3rjx1RDC92SEMrrhOeiQTKlaUYVTzOQiYPFb7zNuwZkuOp37CTF17dF13L6AQQLl3PyXdeIrRhLsr_nEEvZy2Noka86JS9Yq-aLIJhOb9CFlpouHt8NSxh8_QrY0FuJuKV-PcZih2x3BOvMZl9lIhVAnXZQkHb8sog3RnwSb7_f9M5ZmZyxdgIpAyhuWLXgiqjYGro43phYvKDypSNFPoQ5qmhlLEqjKlnR-OvrooyYpU_KP6Wya7fNI5-aNrsXpAxTxMWySabM4aNEjTtjpIuxk8BrGjD7WH5rT33Xe1iLEPpGqXGPisIOf2pat4cq1IAJxE500Enj5spZRun9TOFTbcECqDN2AE7IVzZX1KVQVpXlQcr-PPMecGlE3fp_GgjWnb7naQ-eFb8EdnXjrvTBcNUhD0ddyFxO0ET3_ZEvJURW9yS28mPWZ7LPesvgVa4Z9SWd9XQNFddWhZ-SQZ1iM9VPq6EIWFSReHzKrrIFT8LN9i72Stm4Z9yRbDrtkybY4XmP0s8jWjZt7sY1mbo9NE8-LOYSPbyrWwvGsmYUHt8-9NEmNCH9vJwDPEMgpD4c-Iz0XgJY1xATTLy73TFL7eoOhFbdHeM64lG34yBASKtrObUUSn5eJqrHf6DsSey3VhASAECbh-3-Og0IJkFUrgqiRcBB5pWjJsyWZm8Q9My1I9ZkMCueieH6pPoosi4JFBbbHjpQ24e26nt08JP6wuGeMNxNaK7IgaAbZof6YhGHpdgal9EJKvpTs8Bhta8nA95dg2KY3sKttRUyRWwSgBXyYxQlViUzk69yIZyoNp6Ou8QPDaFWIfgMZJ9yzr4nL_UKteP26v60yCdpns0nzreaKdwJxuB7Qps2_J3b3DvJDBKfxPjm-uil5-i20RkIOlDrQmcXNZU_XQa84FMRgSXGRQoZv0XULfmOlsgLJgi-rRkxxjO7NKSYITBBny4b5Xfw6sxszAbV0ZhTVJS4THX4CZjmnk-BrNtZvWhTyzwFihqd7WQG9xYs1NB-aHn6gy8NVnVA1JOhxIJZkksi6U4XldOYsHzNydV61o1E9cxrKq7crmHVRSDVnJ1uKJS_M-po-X745BT37UYjrjs3m23pShFXUIisJNMfj42fHaOWPMjnB1DeQOIMFlYDtKACNGvnclToMVHHq5IrEArPKo3t4NSbO52HWpWwjaLgXChep27T7SAZOat8Qom9R7aReYo56yjctx_6sm4GO4t_-09P3JJlWnf8mluYJoquAxtFLUun0l32qwtcO7LHilQYvoLIytPtTnZjP9Ue7pY7yFCDZ-qdbZSAVf0eMEIUlIuo_YuCmNScyP3Pi4vLZ8mOIlP0wgvnH1lsZcXmN2aIRL7eBFxIQiTmG0miOBjBnRXpvXkJloX863Tu3uhj0MrT1dUvBMI7MDggx335yVQwhI74LJT5QMnfZBLG782TCUWzk_dsPQcWxFcLxMDMJ-7m1SiUsJ6dDGsfWHX0ixyqcXUJWuT3LDJMY8rigyFbCnHQjxnt1JEUFNBcQmSacQLekAzCo_4tHH2Iw6RAsNgeV2HaWFcYJzDZk2yGVPhpDJ1HpngNV2ygWmI3cENWW6_NaUa-3LEIkAGpS1ykZB2zu0HnDCf0ra1IOq8P3cb0BJqMZTfjV9ZLGX6Aboaa0IMLHqCXnvPwDPwo3UtNMZcO7zQgJEr1p5VH1kwoT7lTYPHWjrrSyr3GAFPL7kAf7Ez2eaPq0&cid=CAQSTADUE5ymJT7BPyxjLkO3tdZLCWSIFwPb54kV_4YJ-bq5JnabbS_SdQ-t103lAdSxBfbGXCvHzQoGuGeXPZCvlAsp5jqQgkq2n6SBmygYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=16125874539133600000&adk=2923430907&idt=286&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 06:22:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 9775 28 KB
11 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10817
x-xss-protection: 0
server: cafe
etag: 7837758721724492523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BA54 640 B
265 B 76ms
72ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYpLfp2wEwAQ&v=APEucNVYX7NEc3G4bjRAW5JGcmxEjP_AvO1F-0iRDu7JWEvIVSRB1fy7XIZxAXHz5J4LfE4dDJn1n-bk9JkZ7L6WQwvmTOIuP1OwNdJnIlJs-oiTjEjLCVYXcIJTYfXo8WEBHp1OGjb6kl2g5GohnmhWXnyQwtCYPB0TWIRtbU-u7TToBGJuEAI

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:14:12 GMT
expires: Wed, 15 Feb 2023 13:14:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6893 78 KB
27 KB 118ms
115ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27798
x-xss-protection: 0
server: cafe
etag: 12162329123218539290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 13:14:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6893 42 B
63 B 83ms
80ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_CG8Shy2rDwqhgA_x1ZelLoSekIsCnthI8hp5FRVgtz4kxLDJg9Yu213n6u4b_1aRhtpB-GN9RuZOoxq1Wl6ljXYN5efzGYivK3DAxAcLQQgg64U

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6893 0
20 B 82ms
79ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6586202603114010877&x=1&ct=76

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 6893 3 KB
1 KB 49ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 6893 20 KB
8 KB 50ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6893 156 KB
48 KB 97ms
94ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 13:14:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9775 41 KB
15 KB 49ms
49ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 11:06:29 GMT

GET
DATA 200
OK truncated
/ Frame 9775 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1589c6d110ab30331aaf6a3c94b5602739be81bd6a8139be9430acfae4142098

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BA54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMLn9gsnq2aPJY6UBg__OKU&google_cver=1

43 B
273 B

38ms
20ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMLn9gsnq2aPJY6UBg__OKU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYpLfp2wEwAQ&v=APEucNVYX7NEc3G4bjRAW5JGcmxEjP_AvO1F-0iRDu7JWEvIVSRB1fy7XIZxAXHz5J4LfE4dDJn1n-bk9JkZ7L6WQwvmTOIuP1OwNdJnIlJs-oiTjEjLCVYXcIJTYfXo8WEBHp1OGjb6kl2g5GohnmhWXnyQwtCYPB0TWIRtbU-u7TToBGJuEAI
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMLn9gsnq2aPJY6UBg__OKU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame BA54 43 B
145 B 99ms
22ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYpLfp2wEwAQ&v=APEucNVYX7NEc3G4bjRAW5JGcmxEjP_AvO1F-0iRDu7JWEvIVSRB1fy7XIZxAXHz5J4LfE4dDJn1n-bk9JkZ7L6WQwvmTOIuP1OwNdJnIlJs-oiTjEjLCVYXcIJTYfXo8WEBHp1OGjb6kl2g5GohnmhWXnyQwtCYPB0TWIRtbU-u7TToBGJuEAI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame BA54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEO6EN4azg91dY5lgMzD1xTs&google_cver=1

23 B
172 B

69ms
33ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEO6EN4azg91dY5lgMzD1xTs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYpLfp2wEwAQ&v=APEucNVYX7NEc3G4bjRAW5JGcmxEjP_AvO1F-0iRDu7JWEvIVSRB1fy7XIZxAXHz5J4LfE4dDJn1n-bk9JkZ7L6WQwvmTOIuP1OwNdJnIlJs-oiTjEjLCVYXcIJTYfXo8WEBHp1OGjb6kl2g5GohnmhWXnyQwtCYPB0TWIRtbU-u7TToBGJuEAI
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

expires: Wed, 15 Feb 2023 13:14:13 GMT
pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEO6EN4azg91dY5lgMzD1xTs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame BA54 23 B
172 B 122ms
34ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYpLfp2wEwAQ&v=APEucNVYX7NEc3G4bjRAW5JGcmxEjP_AvO1F-0iRDu7JWEvIVSRB1fy7XIZxAXHz5J4LfE4dDJn1n-bk9JkZ7L6WQwvmTOIuP1OwNdJnIlJs-oiTjEjLCVYXcIJTYfXo8WEBHp1OGjb6kl2g5GohnmhWXnyQwtCYPB0TWIRtbU-u7TToBGJuEAI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

expires: Wed, 15 Feb 2023 13:14:13 GMT
pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7740 22 KB
8 KB 48ms
46ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
expires: Thu, 15 Feb 2024 11:06:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6893 0
20 B 81ms
81ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6538653231369&version=m202301300101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6893 0
20 B 80ms
79ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6538653231369&version=m202301300101&ct=76&x=1&cor=6586202603114011000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6893 82 KB
34 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AvfpVb_SaksBg1EhppnK3N462rcsQNHMiNUBZgU7Zmrv89VkoalfD_g8FhAb5AqIyxnBpP8iu9IwmOSYWNbAusLnjXwA&cry=1&dbm_d=AKAmf-CzMrTgiN1cm0oc48S4SKMgxY8a3FUZu6P0-20XgaVXxjac__j6-fOW0Fe6LWlpVyTi4YbQLS0K0FbPAZgMZLYpB9UC9DdpzUyi6eIfzuXW2XGLYQI7p3f1EAtE7qjTHrUl2pMTo1shiIBlmJwoG2v6v9SoXzunbrAvlma1NTHb8_q0S6pruEG67a_ItbS-J2QlRYs4_reQRkQSpKe9M2lnM-4eK-GRkluuGKAQ5ZV1fr6VDFQwwG2_TSJg74jqZQnqF18LryWQxH6vBNOZ8QLznLjCLGTbTd_jYQKoxIMm-AnJGgn1UuTFIT3dk4rPKR5k6bCBi8JfjhFLyQKRT69YQ5zMgfVJGhDP3Qg875t1JYRyEUS-pGMoZYIEgHLgl3B0JZRJYsTwqqyC_ubBR-wkKSOBQT7CxO0etou8gXLYxVr6sNu7grDCCjo8xY3A1-_Bm-xSJytI1GNJo2SvkYBTDAFQD2VsTyrATR4gjeRFmX1SfzlSRF9kdMh2Jijq7hqResZRiYnE_yA7-2c9FPlApcbJEg8ZC973ySG_OTUxruUVT5wa5zC2tFISPLHM4SEmt7ZioRLrdRv2Qp0KxpkkcSDmVfhfdoAv4wbJ9uChRZv5d5jnY8zRCwuB-k6ouDeIb3mhZuS-LHfaLEciq1glG3AlxGm-iG2jM2B2mBD9QccJVG38sqak-QBncNy9B12CObmWOWn4uPCq0r0vmkVetMuncpbGDLtNbfATH1Mlk_NZu6KX_LPMfUp1hA-62GwG0SOdM2qHVhj5JQEJ_yaO7dGjKo4EPSmHnxcVrsp2FXaZ3yskE1vRDmKJsP7razJgXfeCmeqffIcH7-VwaCQnR9_YFyWg-xXcz7tqW4irYeJ9GxUuLKjDhm5asbQEMJZCabHAggYbT0HbwcUMU7M0LIkRO6yZ6ey-kO6olPqGNzlRno57zU-iUB3Y8Jhg6g1qGXnJtu0iGm5lLJAnvRWE5I2bB8YrUyEbWltIPQplltRtbX36rngQgJDNzxGuKq5kusleDLyKKEddMAr_kGaIKLXAiea6EJIMahrDs7xWe8D2Y7X8dS9FyBSfETp6rbGXPWhQ65wWOfGFvi0qpEE6OBltKJLRLS0DJmiF9ycNraWgEdxx9XFzvBQmgWI_9FkFhhHutTold7oVJUyzhET26mtt4yT9xGx8ge97kAZK6Q8ypavJNoHzhMBPe3qJvI4_3OAiAJnme7hvS89P5gzMETno6BVDDzRtYtT6Bva0zwrsGLjodtpF4Y3vvYNO6vtEd5NGz7w5n4z4xwSQziCz38hLUOdr1QwqsIbOaAVxAi38eSlKDaaTbm1nXydBcECChDWptwAA9UNi96Lckt6gVUXlIbzjm0p0v7UychU2YPwM3AkvRDoF3fwbHktPxOZTrh-Rnfk0JG6HDXBirLkTZ9gQqcjXwomMqxYep-yDOklEzE6-9iKxt0U-RaMO32EpWbCiaAkazHah2hNts49ZaO599zH3nizMo9OlC5R7Gz1gUfswhTolXkwSZHP010VMpNpB-MtTQbqQwvACM-UA8-5JXTg-GF3va-g2iVmgSDjRAKid0xaEumfT1shAS4PfNo-pQkReEl6U-mv2jnBkFToKy_ebYJt0FDblSbkslDLMHdJJElmUccCqaUa4Cje4j4JGXwaJSEQrFpXdWZXYTvQy0VWJwjf1l4NZJkH5B9NxiwHxlJ5yMQUJ7pAjCPU9BNEZGFHdmWu0_zg1CBxglZ6SjANaJvlmWUKVhP88q5BWncscSZ5GBdAyESztTkKgr7QaN4Gqu2KKalxX6t3r1oV6z0RojyVGNx_x-M8bcdsUsrPBZCO1s2aGONHMGA2t0fEgeu4zBuTn4gUljj_jMYVIm8bFOWXLkW04c6X_w8r5-9Z8tF_Q8YwWL3qGCR-jzxZCO2oTxX7IlXH4hpNDFcyMOgntsZyKi6riiqOK97aK8vKfXqmxDESjHxBz9LCDPffGjL2Usk2ciqbENWOTTbMhUOo5afc_pKoUAHFqA-RMZ2pLuLRZfMqt9VnhEXbEdO0n9HYEPEcnxzksN1-jiJcw06EvvBb4ZqBU2xFuEZWxuVKJPQ_bLCDq9YDaQ0vftAT2CvYDyDlkQeKW6-Yl1QrlRai_OiOoW2dsTSZ9XdLu_BYFtoMPj58T5ztflgWMUiLqioHw6niK1SJnycCZcatOP69FKbhcNbb_8FjbKZPj4tkIRZHHv4mYAKql_XS4JKWz2dusXrh4p1dD-Lit30GgXjBVVMbVpaIJEXO57aJw-JiYlrLziAFDuRMqqB2UdLND5q79vQVfzrOQN7kJl4Vox_EbGVGtQbU3LXBMnp1n2JEr67_kmdYHJDfBBWAPCQwpSzlfOxp3F8AF0TTIqFaAfCKHhVvzUk9zizhE0tAbRys_5D8mUq6RmoPqIu4lmckrSjyyhxxDnrQ-So0rtJLqLyrDq22O4c2zI4x-fIEXeRiuL_mbGlYfjW03IoqEWbM_xntEjUv9DmNLK3cZ2Qoe8wBgy3RSZz_7qH0Nn6t4m--2Zrc5zfkNkiaq__O31IYQ3FrlrXRLZSYubaHNiErC-IJ2jtSyYKyb_qf7nHfQdEbzMZH8VVjjaLCbRvpCRVAS9Lb9axOGyPTNDULdQpZ-zG63cSAKrw0LlmANExgNpo6GrKjXoQrch2s9xvV2QkJ5b6nAGHNt53vUUYDq_FXJtBSeTe3ZpVPSDVzzbWZGFHp9yIM9nYKXB71gG7NaT97yoK3fEyou_rqTAd551X5Jux5aFNLpjBPu63G9k45XqeXmDXN-lgl7x5Yb83dQ3wjtUHyulV3VxesDKcD8GwY6nAr8KhswmuNem9rVSg-R6_Bz8HJTcBRL8pcSIP4_xlRoxGROzQohXWYeRV2iiF5fx8jztZ9_y6KpmuxPaZ4sZJ1T1IvJ6UGv6XM0Ykkm7zmANfZLxtHlB1Vqb6klfPFOyA-mD1sRSRfaLg5rt-mOX2R1WA1jE9hgBmrMS1yqGTbDkAn6GtGkWoVsUaLDvc849tVcIRw3nFDXOgijDTKgSApwqmBEF_xjGWgX0l8iO0zw40ecOLxeovWPXhw6U9F_1ScWl6sBnso978zfL8BIzSBFAq3xt4HzHnL4TgSgzL97MLLUhR35OITuR0A8IR2uZMQeud75UPDpzIBaCrM8bcDdc1QD9OcOSGfGb1WJonTDD54vJqHU_mWX6lwHQUrxwTTvbpCWtOu-HcrdQnTLo5uq7qBAiiBU9UIQymAILDLV3KjIZCneN-3XJW_nNCGADHrB4dQWjq2MFOSjE38IyXzEEwrSzeTvVEGwCLjKi5H1HRSfi46MrkAiVNJiGMmgiNugUkXIq4tY4njPad-_r_wvmixo_6FzmzclWlhi3s1O&cid=CAQSSwDUE5ymgP4TQ1FtY9vDrN-Oom2TCvUoXniIOST1rlirgpLdTTQ7ifBcXN78tHyL7SE855pUpcbyja8h2wze-7OumvZ-UJzm-2-SXhgB&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=6586202603114011000&adk=2228999115&idt=136&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b02150d934fc557f832043f51ca8ce16b53180ea14135bbd35feb7486660b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35262
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5274390906469779943/ Frame C55A 4 KB
1 KB 117ms
39ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93dc3442b92767645ff6ef3c33d2abc7b03da3823d9e73737b0ad1c91623af2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 310782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1307
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 22:54:31 GMT
expires: Sun, 11 Feb 2024 22:54:31 GMT
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9775 0
0 233ms
89ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstN1VXkYbFuSwfV-SzhBhcD58Dmj-Qyes779hP49Qh_I9qToaEvS8xxMbj9V-hHvxLCy0Vmtyn_sKnmdztnE2O2bpGrvn1BBDmuCAgxu_ClBmGLsmZ_Eoaxd1x0vunw29Clsp-v2Nj6ykil5djeUmH4hzv7aUjQQAX5EAcxovxY7CElFjiuyLOOBFE-kFL42EL2qvWDNVs022rViD5urbrQ7HBJpDVgPKbL6lTCw4PAzUFmJV-XgBATFf4VmFJCJEZGoHXYkRm3JLcu9_djDvqm2Ob2payQR_-8kzY4rMSPVoHtue4Lm_beh5nMKjUQ_Z6x7W_EjYjIx5-4cCfPAJcmvD9XiPFPyTemHD8S2Dltnbp-03ptE-IaRdu7MoExbjutiDce-3GRSmvpCohA0NhkLInA99FhQYbdxELX5pLRZCDR8ebGqOsIV2DtTvRwJmwouqBtxLiBmy0tgwaJdRlRxs27c--EN4Mcn3vyR8X81ClJwXClKTs1MV8R9MnwwQvQ0eEboUW7i4hjdoaT9NnCzVo5UaM5o2_FrqqlgtXdqQxfEw6tPcMd0qbUhxQC5OeZZixIihcXaOlXiWljD6i_zv7uri5l-3d7yHBalNY0pN1lla2O4pSqzHk85aKB_oNIB2OoSzB-wzxvG3mlCQdV3Q21D89LfpS4PlADWPoEhdC67vVZzove2Zi4z1AAQmb6VVTB-8TBlJSUH7B0OMhRfAyUWgLvGxWiR9aqbv56ca0a7lcKkQO51p4JqUldyR9UlUQciGxB8pKXNsxzj4DEtu0SD1-nyEhUxe54CEhp5YcwnJZ7LYUzVpkFxfYSA8PN_jvFuN6n9eaMMpOcoqVvnNdKShU7Tlaw4F3nVKMAEVEbWi0T4DT14G6GFJ-mxrrbeCuT36ejdGGVw1dqO1fGAZalwYAYDAMSh6DpDYzz5BYwnKV5QWmrP_wbVT5wn-OP_ucpeRyXxgfK9Ex63ecLpv3bFM8J1zV5WaJ51dihQwpHh7MYpCFqXWSWlMQCnQijN6z0Yx6HZ5KoVQ87YB1PSRv7GPIOHDmizl60CyzEXrsP0TaBxwUh4DYSGe867u3UHGpMSgKU-yqnVkhSOffi45Wpf96CGNpDja6GP6w-gF81NFjs5Fz8HXw8NcVmpZVFtyoScSpPHnG4-JtSCnKGbVdi3A&sai=AMfl-YTLfrtDw-Zm3HPeJSCLRjRzdez7RZqb8sQ7tA7KWiRGcpR5ZCuhUr_RBRihkJagYsMRP6OF5eZ9A9-CwhwqUtSUlkVWgr8ItvxBj9GbBO0ZM1fTdM5Jm82WGfnn7gkIWrPbhU9Wngal212zFgXvyUOnU0sybdoUwFWMQQfwOegLhAXl3OfaLf11Ms5ukofw5wnwuTKsXmMc-Gog_Us8smPSSTuKWZTFHMoyuf06XaSDdwKiqBqfgFeMN2AsDv5WxvOF3SFWL5oJA_tkfP44YThqOqzT486Gu4Zv&sig=Cg0ArKJSzFTna908OKW4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=231&cbvp=1&cstd=228&cisv=r20230213.90677&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Feb 2023 13:14:13 GMT

GET
H/1.1 200
OK tag.tr
red.vtracy.de/ Frame 9775 17 KB
17 KB 59ms
16ms Image
text/javascript 3.123.211.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tag.tr?tr_adid=k29065961_s3021957_p354299889_c183743943&tr_mid=0&tr_sync=true&tr_uid1=DC&t=406130686&gdpr_consent=&gdpr=
Requested by: Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.211.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-211-203.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 13:14:13 GMT
Server: Apache
Connection: keep-alive
Content-Length: 17000
Content-Type: text/javascript;charset=UTF-8

GET
H3 200 6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7740 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14458
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 06:22:13 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6893 106 KB
37 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Origin: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 23:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 23:10:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame 6893 8 KB
3 KB 46ms
46ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AvfpVb_SaksBg1EhppnK3N462rcsQNHMiNUBZgU7Zmrv89VkoalfD_g8FhAb5AqIyxnBpP8iu9IwmOSYWNbAusLnjXwA&cry=1&dbm_d=AKAmf-CzMrTgiN1cm0oc48S4SKMgxY8a3FUZu6P0-20XgaVXxjac__j6-fOW0Fe6LWlpVyTi4YbQLS0K0FbPAZgMZLYpB9UC9DdpzUyi6eIfzuXW2XGLYQI7p3f1EAtE7qjTHrUl2pMTo1shiIBlmJwoG2v6v9SoXzunbrAvlma1NTHb8_q0S6pruEG67a_ItbS-J2QlRYs4_reQRkQSpKe9M2lnM-4eK-GRkluuGKAQ5ZV1fr6VDFQwwG2_TSJg74jqZQnqF18LryWQxH6vBNOZ8QLznLjCLGTbTd_jYQKoxIMm-AnJGgn1UuTFIT3dk4rPKR5k6bCBi8JfjhFLyQKRT69YQ5zMgfVJGhDP3Qg875t1JYRyEUS-pGMoZYIEgHLgl3B0JZRJYsTwqqyC_ubBR-wkKSOBQT7CxO0etou8gXLYxVr6sNu7grDCCjo8xY3A1-_Bm-xSJytI1GNJo2SvkYBTDAFQD2VsTyrATR4gjeRFmX1SfzlSRF9kdMh2Jijq7hqResZRiYnE_yA7-2c9FPlApcbJEg8ZC973ySG_OTUxruUVT5wa5zC2tFISPLHM4SEmt7ZioRLrdRv2Qp0KxpkkcSDmVfhfdoAv4wbJ9uChRZv5d5jnY8zRCwuB-k6ouDeIb3mhZuS-LHfaLEciq1glG3AlxGm-iG2jM2B2mBD9QccJVG38sqak-QBncNy9B12CObmWOWn4uPCq0r0vmkVetMuncpbGDLtNbfATH1Mlk_NZu6KX_LPMfUp1hA-62GwG0SOdM2qHVhj5JQEJ_yaO7dGjKo4EPSmHnxcVrsp2FXaZ3yskE1vRDmKJsP7razJgXfeCmeqffIcH7-VwaCQnR9_YFyWg-xXcz7tqW4irYeJ9GxUuLKjDhm5asbQEMJZCabHAggYbT0HbwcUMU7M0LIkRO6yZ6ey-kO6olPqGNzlRno57zU-iUB3Y8Jhg6g1qGXnJtu0iGm5lLJAnvRWE5I2bB8YrUyEbWltIPQplltRtbX36rngQgJDNzxGuKq5kusleDLyKKEddMAr_kGaIKLXAiea6EJIMahrDs7xWe8D2Y7X8dS9FyBSfETp6rbGXPWhQ65wWOfGFvi0qpEE6OBltKJLRLS0DJmiF9ycNraWgEdxx9XFzvBQmgWI_9FkFhhHutTold7oVJUyzhET26mtt4yT9xGx8ge97kAZK6Q8ypavJNoHzhMBPe3qJvI4_3OAiAJnme7hvS89P5gzMETno6BVDDzRtYtT6Bva0zwrsGLjodtpF4Y3vvYNO6vtEd5NGz7w5n4z4xwSQziCz38hLUOdr1QwqsIbOaAVxAi38eSlKDaaTbm1nXydBcECChDWptwAA9UNi96Lckt6gVUXlIbzjm0p0v7UychU2YPwM3AkvRDoF3fwbHktPxOZTrh-Rnfk0JG6HDXBirLkTZ9gQqcjXwomMqxYep-yDOklEzE6-9iKxt0U-RaMO32EpWbCiaAkazHah2hNts49ZaO599zH3nizMo9OlC5R7Gz1gUfswhTolXkwSZHP010VMpNpB-MtTQbqQwvACM-UA8-5JXTg-GF3va-g2iVmgSDjRAKid0xaEumfT1shAS4PfNo-pQkReEl6U-mv2jnBkFToKy_ebYJt0FDblSbkslDLMHdJJElmUccCqaUa4Cje4j4JGXwaJSEQrFpXdWZXYTvQy0VWJwjf1l4NZJkH5B9NxiwHxlJ5yMQUJ7pAjCPU9BNEZGFHdmWu0_zg1CBxglZ6SjANaJvlmWUKVhP88q5BWncscSZ5GBdAyESztTkKgr7QaN4Gqu2KKalxX6t3r1oV6z0RojyVGNx_x-M8bcdsUsrPBZCO1s2aGONHMGA2t0fEgeu4zBuTn4gUljj_jMYVIm8bFOWXLkW04c6X_w8r5-9Z8tF_Q8YwWL3qGCR-jzxZCO2oTxX7IlXH4hpNDFcyMOgntsZyKi6riiqOK97aK8vKfXqmxDESjHxBz9LCDPffGjL2Usk2ciqbENWOTTbMhUOo5afc_pKoUAHFqA-RMZ2pLuLRZfMqt9VnhEXbEdO0n9HYEPEcnxzksN1-jiJcw06EvvBb4ZqBU2xFuEZWxuVKJPQ_bLCDq9YDaQ0vftAT2CvYDyDlkQeKW6-Yl1QrlRai_OiOoW2dsTSZ9XdLu_BYFtoMPj58T5ztflgWMUiLqioHw6niK1SJnycCZcatOP69FKbhcNbb_8FjbKZPj4tkIRZHHv4mYAKql_XS4JKWz2dusXrh4p1dD-Lit30GgXjBVVMbVpaIJEXO57aJw-JiYlrLziAFDuRMqqB2UdLND5q79vQVfzrOQN7kJl4Vox_EbGVGtQbU3LXBMnp1n2JEr67_kmdYHJDfBBWAPCQwpSzlfOxp3F8AF0TTIqFaAfCKHhVvzUk9zizhE0tAbRys_5D8mUq6RmoPqIu4lmckrSjyyhxxDnrQ-So0rtJLqLyrDq22O4c2zI4x-fIEXeRiuL_mbGlYfjW03IoqEWbM_xntEjUv9DmNLK3cZ2Qoe8wBgy3RSZz_7qH0Nn6t4m--2Zrc5zfkNkiaq__O31IYQ3FrlrXRLZSYubaHNiErC-IJ2jtSyYKyb_qf7nHfQdEbzMZH8VVjjaLCbRvpCRVAS9Lb9axOGyPTNDULdQpZ-zG63cSAKrw0LlmANExgNpo6GrKjXoQrch2s9xvV2QkJ5b6nAGHNt53vUUYDq_FXJtBSeTe3ZpVPSDVzzbWZGFHp9yIM9nYKXB71gG7NaT97yoK3fEyou_rqTAd551X5Jux5aFNLpjBPu63G9k45XqeXmDXN-lgl7x5Yb83dQ3wjtUHyulV3VxesDKcD8GwY6nAr8KhswmuNem9rVSg-R6_Bz8HJTcBRL8pcSIP4_xlRoxGROzQohXWYeRV2iiF5fx8jztZ9_y6KpmuxPaZ4sZJ1T1IvJ6UGv6XM0Ykkm7zmANfZLxtHlB1Vqb6klfPFOyA-mD1sRSRfaLg5rt-mOX2R1WA1jE9hgBmrMS1yqGTbDkAn6GtGkWoVsUaLDvc849tVcIRw3nFDXOgijDTKgSApwqmBEF_xjGWgX0l8iO0zw40ecOLxeovWPXhw6U9F_1ScWl6sBnso978zfL8BIzSBFAq3xt4HzHnL4TgSgzL97MLLUhR35OITuR0A8IR2uZMQeud75UPDpzIBaCrM8bcDdc1QD9OcOSGfGb1WJonTDD54vJqHU_mWX6lwHQUrxwTTvbpCWtOu-HcrdQnTLo5uq7qBAiiBU9UIQymAILDLV3KjIZCneN-3XJW_nNCGADHrB4dQWjq2MFOSjE38IyXzEEwrSzeTvVEGwCLjKi5H1HRSfi46MrkAiVNJiGMmgiNugUkXIq4tY4njPad-_r_wvmixo_6FzmzclWlhi3s1O&cid=CAQSSwDUE5ymgP4TQ1FtY9vDrN-Oom2TCvUoXniIOST1rlirgpLdTTQ7ifBcXN78tHyL7SE855pUpcbyja8h2wze-7OumvZ-UJzm-2-SXhgB&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Futua.com.br%2F&ds=l&xdt=1&iif=1&cor=6586202603114011000&adk=2228999115&idt=136&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 06:22:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 6893 28 KB
11 KB 49ms
49ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10817
x-xss-protection: 0
server: cafe
etag: 7837758721724492523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 72ms
69ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
45ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
11 KB 1030ms
1030ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048269896119811&correlator=2392049820054033&eid=31072119%2C31072498%2C31072427&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_content%2Cutua_desk_content_01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C480x320%7C336x280&ifi=4&adks=2954575722&sfv=1-0-40&prev_scp=index%3D1&eri=1&cust_params=request_uri%3D%252Fco-cc-mastercard-joven-bancolombia-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05%26placement%3Ddirect%26hour%3D13%26dayshifts%3Dmorning&sc=1&cookie=ID%3D491b3302e9054bf3%3AT%3D1676466851%3AS%3DALNI_Maj4WU5jggHVTrrzvi5MplfS1FPNA&gpic=UID%3D00000bb721de7579%3AT%3D1676466851%3ART%3D1676466851%3AS%3DALNI_MZgNl549zx7RhVqAjCI3JzZtpMkMA&abxe=1&dt=1676466853225&lmt=1676466824&dlt=1676466850939&idt=549&adxs=475&adys=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&frm=20&vis=1&psz=730x0&msz=300x1&fws=132&ohw=1600&ga_vid=887983087.1676466851&ga_sid=1676466852&ga_hid=351851535&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63fc3a6fb44b8f8d7229ac657afd57cb387f63f02766072e2b6f5033394b31a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11747
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/ Frame C55A 1 KB
481 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79c587843db970f8b6e9916bd7761294209481e5d65ed8e6b8c5477ade836fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 18:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 452
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 18:06:22 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C55A 105 KB
35 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 13:14:13 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/5274390906469779943/javascripts/ Frame C55A 2 KB
580 B 46ms
45ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96c09b565e295ff3b37289f8194acb5d3cdbc41b7737b0f5c4ecf2288c29a75b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 05:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 551
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 05:03:46 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18402199775506297603/ Frame C792 4 KB
1 KB 40ms
40ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e496c8df709faf2c11072ebc4df3106b369d3d914b065d5e806745193950527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 500448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1310
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 18:13:25 GMT
expires: Fri, 09 Feb 2024 18:13:25 GMT
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6893 0
0 95ms
91ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHPhmAK38ziCbeDvEr39JFnVketh-MukNQMY9TDiCOMPnpeJaDsfzeGHyMNmauS1L09QWnhVY-vB1Bba4qsIyw3itlXV8ZEtIQF3-z5R0WVa0hm-zpq9JUtTJfgnAzgQ44ZmOjNwiHrHD37EIZkkbVdbaspkGPch1Xjg49PHFXHT7VK2OE9_loVY9x9kpJPa2YvrxxHLNj8Ji8FoDbxMOILkK18rpQywTHJSUoZK-o7Xsa_ny2VEINVjtqxMElujad9By7hbnpo_xFxeaHbihqKak3oXWBscAIhPoIOx3w8VH4BgVMI0WbXhdiQwrc2_yJApi7SSJ-iN0uL9pcv3B-wJ1V7TT29S98JBCbp6SekRg0lO2aV7NOh88gC3-uNepjTxMSHTJaiNwP7OY6VdkEbS6KAnF9wNYrFq2iySsvfzqRIAihBGmuGSZJKrBz3Zk_5evnQ_m1CdriLEdGGcw9Q_MClIJbcg6q-dWbBCE0x4lnJmv7dQkjpFqeV_sWkRXyu6RzAqEzN9kWNsdy-ccS91jae-yPubGhOL3j6rhM21Uee949LwD2q16DlSdvznrx_PJC-kN8LOEJJFEKOCCE2EZUvo38sdO1PyYRYuq76bWX0Nu_U5qru85XZClE9feDdyThEW84WvPAX2r8jMJJRM7Q8YxQfPAk76JtkD4PRHk9vrrRZpohHHE68IWWJ6bEc3sL-nvzE4vv_XABa99en-i0ssDgTTg5p4fopJhkZkLQxbuP5MlvdTf3qz-tHpa_sR1xWvETFp8nlapr4lrK5VFEXMmoqe2gRSjBwqkesh7VzaS_h-HnNzGpdJLDuI5dUPniqqddmTDgnv_xcm14IMe1clbXt0woyV_xmLctMu-mXBSOJxJeJNWJaNq4aRGHNITrMZzc9p1Mc6ryL5mOpQ84hrV1KZswFA0E3tnlCMurNc_qj3xOncVvaHLNAytBQqcKUf4lMc0WeoZMI3yHaLAbCrs0YQCfqoLJcXN_SGtx5hxVL1lEH7PitG6-nDKu1XuiJIpFXCBjzc-AwmeQjSlkNpX5q4ujxd21Sqm6KrglIFQSJ8UgBl7o1INyyr9MlX7uAhvXpVdtAJSFPzdIRnVBxFbrra2nq2sM5INhBQyfd2_B09TXWyI4TR2QW5koFlle3oGWbPjTbixY_B0bXXn4eza8FpxA6ZwH&sai=AMfl-YTd4MClUwXLfY2T9FB1Olnk7fSn1fJGD3PpjPHLhXje4OR5PgXFCCrTW_yFDGolkfVsUSzrwnr5WEeH-Rj-82pZJsUTtVnbNpC0hpghEPcHR8Yj7bJzwBxH-Xua_5plf15abQWj6DAS5J7YOQL2STu5Aq4faOVDtzSNegNSwAbb_P75yZHXlXtNG_2J6ccLN1ew7WAZE28Db6VsS-zutvcx36pkBxYPFkNEJUjnYS6LZ5hdr9JhvdzayTIsA9ulFLk7uo6ijfDA-H-V6p4STP9m1-ftypul&sig=Cg0ArKJSzDcGmQxwdxHjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=87&cbvp=1&cstd=85&cisv=r20230213.91753&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Feb 2023 13:14:13 GMT

GET
H/1.1 200
OK tag.tr
red.vtracy.de/ Frame 6893 17 KB
17 KB 9ms
9ms Image
text/javascript 3.123.211.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tag.tr?tr_adid=k29065961_s3021957_p354299913_c183743940&tr_mid=0&tr_sync=true&tr_uid1=DC&t=2095127512&gdpr_consent=&gdpr=
Requested by: Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.211.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-211-203.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 13:14:13 GMT
Server: Apache
Connection: keep-alive
Content-Length: 17000
Content-Type: text/javascript;charset=UTF-8

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6893 41 KB
15 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 11:06:29 GMT

GET
DATA 200
OK truncated
/ Frame 6893 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eecd4075b543495f68b7308d206da82c524e67f8baa81de2e13ebd3290a3a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 style.css
s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/ Frame C792 1 KB
481 B 42ms
42ms Stylesheet
text/css 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cbd009a40e971c1c6a4d40b5ec17c8d214721dade6e60f4e0c3d36298ca958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 452
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 09:00:24 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C792 105 KB
35 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 13:14:13 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/18402199775506297603/javascripts/ Frame C792 2 KB
603 B 43ms
43ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a9445ab24b50fc0945fd327d2f78da39c09571d8a103c4eb946e655b4a33e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 574
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 12:41:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
88ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021501&jk=4048269896119811&bg=!eXqlei7NAAYuhb89DoU7ADkAdvg8WmkcxK37WIWpOx4qD5zadKPPlfoOCd_U7IAVB4hUdp9X80FgE4OM299HeBQIELVF_jLxiMACAAAAdVIAAAADaAEHCgAxmcc0Ik65cIz2QhNhD7LFYUU08RFipLE9SWzYDyKl-W4Cu6WdkxeTEVKdGXEUgkMOPJkC3m1dhI1JhkRDZTiufuDucJn2JZ6yXzg3XSiqJCKIBecTiJNPpFH5dpyjwDJ2IasZHa2hJf9YuRzvAvd-o0lcMuEc3kUoxEtR4YXxSRfq7TaRRIqdHiFP66U9Mg6Gehwi4Uh6GjUgJeOwE4D-O-pCrX3nqQ8m6IyELLDu2lTTnC0wlB8yzY8CBTAAxWF05UNammuRHQiQiGkBguYx7Z88E9btF3-sPMOEQkHrX80hiO4xdJmyilhmjpSHBOhsU_VsjKOcCQWXXMckxQV-k4cslL9DAkGg0TtPfV9l6djq5UtwzKCvWyz4OJ2DgMf4BRT70LQ_HvxMza_nvqT4EidDc2YiTgFAl2grt5WstTZrX2z7ONYgT4ak3zTGx6gCdyCicpvr9DKtn07Sk3ob05ceOHgI-Nl9zsNmcMKkli0Mw7OIAWiCtm6ph_IB_yPhcjU6cd2mcwbxXikfTlpV_CTCv71Zfv12vixJZ9x43hElFkBB3Z-7bMYCRIkZAW1LxWQMmWeOWauJsxkO-M4uO_DMTiGY1A_ZqyRo0AjYgPpy3ZL93cx9HDxOqo_qWqbOmwdzdVgItA9gBDrKzeHeLEXtXP-2FjDfS8FMZyrrUkc_6la8QJc0TzSg7eqXe_DeDEGOBbzioh1iM0XRzzOMCt5IfPg_s_-u59mjwJWh39S1HoSROckwbf3YeLrNsJXfG42mZojUSQxPNVDIshtCFilLqHTDIkwFNuQiFBEyyGuTt5ODbuLtfLHlj2repUpPXqUGkAwMo-eGqcODkOAA2W9zEN4ONmYan25KFPMyiiGw0XuuvsaLUDvTRh3QWNT5fb5oWfidW-OtawaotBTF2VP3sKQM_cL2LbjyBkxfYvhsZCiAnHy3LW3LSh93M47qISQqJ4OdF7ECOu2AM2MSM7HBj6XJLnhmBrbC0HZTpDAZMUtXzLzQqud_INemazsl4FSweia7J06hpIrdhkgSO5mR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 72 KB
72 KB 136ms
135ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47518781bb73a7246909e3143eeee3afc237421fc0f960edd1a7ad6c850fc1d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 05:03:47 GMT
x-content-type-options: nosniff
age: 461426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74120
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 05:03:47 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 5 KB
5 KB 63ms
60ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15d2516caa21a7bdf93021f398b4699ece1f914f723cf2df9dd9dd1ec1064068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 10:07:11 GMT
x-content-type-options: nosniff
age: 443222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5524
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 10:07:11 GMT

GET
H3 200 layer.jpg
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 4 KB
4 KB 59ms
56ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/layer.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02381425ccf04f467636fb239213b8782ad85a9037f99e30578da2b3916360fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 23:53:41 GMT
x-content-type-options: nosniff
age: 393632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4562
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 23:53:41 GMT

GET
H3 200 push01a.png
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 3 KB
3 KB 54ms
51ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/push01a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10b2de7cfeaab0303b0200b249e3c3ecd2439980a8ea6066b0e21a7bb3f80e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 18:25:38 GMT
x-content-type-options: nosniff
age: 67715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2588
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Feb 2024 18:25:38 GMT

GET
H3 200 push01b.png
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 4 KB
4 KB 56ms
54ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/push01b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dadc92fbcde9b79ef86599c84790048999abf468f5f674da8ef7ff8df48478c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:35:04 GMT
x-content-type-options: nosniff
age: 2349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3775
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 12:35:04 GMT

GET
H3 200 push02.png
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 2 KB
2 KB 50ms
47ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/push02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215488150cadb3aa687419bf4aef7c1004637b020cef6aa7209646b8df51b067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 05:05:55 GMT
x-content-type-options: nosniff
age: 202098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2308
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Feb 2024 05:05:55 GMT

GET
H3 200 stoerer.png
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 14 KB
14 KB 71ms
69ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/stoerer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc5e6ce36092dc91497bdd85a34c15fff12dd510315abbd312feabfd195ab317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 18:24:55 GMT
x-content-type-options: nosniff
age: 67758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14091
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Feb 2024 18:24:55 GMT

GET
H3 200 stoerer2.png
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 4 KB
4 KB 95ms
93ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/stoerer2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f88785eebc9362c93560c789e5960f8b5e501c0a4ac0f7cd817c8234c00f286a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:35:51 GMT
x-content-type-options: nosniff
age: 13102
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4105
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 09:35:51 GMT

GET
H3 200 product.png
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 17 KB
17 KB 94ms
93ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/product.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b91b4516e392e23588bc6a88dd18226b85cc120ecf2a177912c23eba152d3c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 19:37:09 GMT
x-content-type-options: nosniff
age: 581824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17028
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Feb 2024 19:37:09 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/5274390906469779943/images/ Frame C55A 2 KB
2 KB 70ms
68ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5274390906469779943/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b67db2a8630309bc19588c41bbba046c59031aae1be685f5675ac297b621ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5274390906469779943/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:02:40 GMT
x-content-type-options: nosniff
age: 411093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2494
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 19:02:40 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F1BA 22 KB
8 KB 54ms
47ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
expires: Thu, 15 Feb 2024 11:06:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 50 KB
50 KB 103ms
102ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97ee1ee60b05506f81c50fa17e768fdd653bae5750328129be0a71e40e7b8c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:40:32 GMT
x-content-type-options: nosniff
age: 52421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50833
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Feb 2024 22:40:32 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 3 KB
3 KB 63ms
60ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ea53201f2569bb352a4bfa01fb0a82fb1db9dd9828ae77d7221e40e5b5bb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:53:49 GMT
x-content-type-options: nosniff
age: 15624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3387
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 08:53:49 GMT

GET
H3 200 layer.jpg
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 2 KB
2 KB 64ms
61ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/layer.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f1970784ecd196f4be187a329efd6c9cc1cd091d0b9cdc0d7876333aebb8a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 18:13:09 GMT
x-content-type-options: nosniff
age: 500464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2115
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 18:13:09 GMT

GET
H3 200 push01a.png
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 2 KB
2 KB 69ms
67ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/push01a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c9b2b18240b181a21ba0eaa3d3770c1432444d1c0332904eea5a871daa7138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:06:16 GMT
x-content-type-options: nosniff
age: 4077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1664
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 12:06:16 GMT

GET
H3 200 push01b.png
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 3 KB
3 KB 65ms
63ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/push01b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da3696f109e5729da0c6c20124ec49f9e8ed7dc39f6744ff81c1230c4a189e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 00:14:38 GMT
x-content-type-options: nosniff
age: 133175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2564
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Feb 2024 00:14:38 GMT

GET
H3 200 push02.png
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 2 KB
2 KB 69ms
66ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/push02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ed95f5118b1582b90e655bad2af954904677d9e630a2dade8ef4b1a2d548307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 18:13:09 GMT
x-content-type-options: nosniff
age: 500464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1641
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 18:13:09 GMT

GET
H3 200 stoerer.png
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 9 KB
9 KB 65ms
63ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/stoerer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

083c62be96044cfd0fae3888aca6fd4e87686e1334e99de7703545dbc9461ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:32:06 GMT
x-content-type-options: nosniff
age: 2527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8956
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 12:32:06 GMT

GET
H3 200 stoerer2.png
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 3 KB
3 KB 63ms
61ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/stoerer2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebd60eb21d467fd8be75e1ec6fbd0cd7bfb154c612fbaaf3808346b4bbacfade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:42:31 GMT
x-content-type-options: nosniff
age: 1902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3462
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 12:42:31 GMT

GET
H3 200 product.png
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 14 KB
14 KB 70ms
68ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/product.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8d4f0307cb7b2d1ddd75494c0feaedb06225b7fb2d3b9e87740a4fcce80e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 18:20:46 GMT
x-content-type-options: nosniff
age: 68007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13983
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Feb 2024 18:20:46 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/18402199775506297603/images/ Frame C792 2 KB
2 KB 69ms
67ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18402199775506297603/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73b9c61568b437763c1552c67d4516ed7014a4c5277af7bc6f104a1009a62e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18402199775506297603/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 07:11:58 GMT
x-content-type-options: nosniff
age: 21735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1782
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 10:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 07:11:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7740 0
20 B 81ms
81ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt4GvpNrsY_m8L-vC7_UPldSo4A4AAAAAOAHgBAI&bg=!s7ClsOTNAAYuhb89DoU7ADkAdvg8Wo6nUW6iCAfaK63Y1RFv5KPyVtze7cnZkP-3ycwg9WUAHg47GFMK131u9Dw1njnymn8c8OkCAAAAxFIAAAADaAEHmQNA_KcW3X3X4vDfJ-tlvkMzLJ6GEcmERnu8QD4YlIlSisTzB0Qpk5GF26pRGaeyQRCczPpCbFpVNWjWWhsMoIvQcVt6P9ED1GaLhm5j1pUZx_tx65AotygS4yw8QATys11eCdAP7pThv82I0NEwDXCmNuNFd8jKNUkbpeKK-iVEvcfFpBfZ2ta9RRq6HgooiAbpnLcSXZNBtR7MnOV2fI78QB1_qZvVjGa40HdWzjply67x_WTsCmxrnEetS0Yyyx3pS7KhAMK_cXZjllDy2Gd2p950Ov3RVwQAqxAIEcv76PkO7RX247OWKr7-wEGeM5VFwVAAEC2u1RFDPA7GbbUncNENK0_dxD09VUYJMlBy7VjvkasP2MbApkDO1mt0hiTnx4O7TD7TKJ5HqdjJRA2134IQ8NStMJ0vz7WMT3kthflrZxAJFfJdHBb9zcfH2zd7c66b0BmIHa-FeNILhBozYucZnJ2dZ-HfvaEb-2EqHQMCyAOAKytUB3-94_4bhMRg56-R8BEFShE6Laifx0nJgZANe5DJ-bio3EaHhj71s_wj2eNH3NtaOW5j5FtH1YmckazHtvDtZSC_hK1FCpVE2CIsUfZdRxdheNQWZlXfscJx4bKfNvgJvpBqPRmSC9mgG6sATlrInoLYfwFvwjnJ3tLMJ60DkJP3oDFmTdgm0DlFJn7C0sZ4cSMar-NeCxOjXzmMrEoZW_Z8IYyrL_0caVd7SPwUG3rKFCwiX-udPxCwVtpi_BeBwaECslnrd9T_7rLV2-87sJR-DiSwZGJrVyyq3ezZVI9N-lp3tMDXVKIjShaiup0jQ_MdaH4XT66F0spjugZlsnn8QVY-pCxGk1JuWm4NvintBr4DVeccK7bksD6ZmB_kwPJaS4GSZMK3FEMP518-m_x34kuR2S3qbZpn7FCV3_Kzc5yVGQjqAKOO2F87qfRhOl1O7Mt5pjpu5ET_H5mNrF1UUE0p4U3whuwavMTPg3enbpLTjPJX88ZxPVruoP63AwVafKDmAnAPy8TroDxYdlkgoXZpBRRutUjUaW2_YRicbCQCK0lJUnVIi4PRF7KfG9mWWrtZTWkWv45lL5WFoxMnVufL9u_c2Q

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F1BA 36 KB
14 KB 50ms
46ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14458
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 06:22:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6893 0
0 83ms
82ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHPhmAK38ziCbeDvEr39JFnVketh-MukNQMY9TDiCOMPnpeJaDsfzeGHyMNmauS1L09QWnhVY-vB1Bba4qsIyw3itlXV8ZEtIQF3-z5R0WVa0hm-zpq9JUtTJfgnAzgQ44ZmOjNwiHrHD37EIZkkbVdbaspkGPch1Xjg49PHFXHT7VK2OE9_loVY9x9kpJPa2YvrxxHLNj8Ji8FoDbxMOILkK18rpQywTHJSUoZK-o7Xsa_ny2VEINVjtqxMElujad9By7hbnpo_xFxeaHbihqKak3oXWBscAIhPoIOx3w8VH4BgVMI0WbXhdiQwrc2_yJApi7SSJ-iN0uL9pcv3B-wJ1V7TT29S98JBCbp6SekRg0lO2aV7NOh88gC3-uNepjTxMSHTJaiNwP7OY6VdkEbS6KAnF9wNYrFq2iySsvfzqRIAihBGmuGSZJKrBz3Zk_5evnQ_m1CdriLEdGGcw9Q_MClIJbcg6q-dWbBCE0x4lnJmv7dQkjpFqeV_sWkRXyu6RzAqEzN9kWNsdy-ccS91jae-yPubGhOL3j6rhM21Uee949LwD2q16DlSdvznrx_PJC-kN8LOEJJFEKOCCE2EZUvo38sdO1PyYRYuq76bWX0Nu_U5qru85XZClE9feDdyThEW84WvPAX2r8jMJJRM7Q8YxQfPAk76JtkD4PRHk9vrrRZpohHHE68IWWJ6bEc3sL-nvzE4vv_XABa99en-i0ssDgTTg5p4fopJhkZkLQxbuP5MlvdTf3qz-tHpa_sR1xWvETFp8nlapr4lrK5VFEXMmoqe2gRSjBwqkesh7VzaS_h-HnNzGpdJLDuI5dUPniqqddmTDgnv_xcm14IMe1clbXt0woyV_xmLctMu-mXBSOJxJeJNWJaNq4aRGHNITrMZzc9p1Mc6ryL5mOpQ84hrV1KZswFA0E3tnlCMurNc_qj3xOncVvaHLNAytBQqcKUf4lMc0WeoZMI3yHaLAbCrs0YQCfqoLJcXN_SGtx5hxVL1lEH7PitG6-nDKu1XuiJIpFXCBjzc-AwmeQjSlkNpX5q4ujxd21Sqm6KrglIFQSJ8UgBl7o1INyyr9MlX7uAhvXpVdtAJSFPzdIRnVBxFbrra2nq2sM5INhBQyfd2_B09TXWyI4TR2QW5koFlle3oGWbPjTbixY_B0bXXn4eza8FpxA6ZwH&sai=AMfl-YTd4MClUwXLfY2T9FB1Olnk7fSn1fJGD3PpjPHLhXje4OR5PgXFCCrTW_yFDGolkfVsUSzrwnr5WEeH-Rj-82pZJsUTtVnbNpC0hpghEPcHR8Yj7bJzwBxH-Xua_5plf15abQWj6DAS5J7YOQL2STu5Aq4faOVDtzSNegNSwAbb_P75yZHXlXtNG_2J6ccLN1ew7WAZE28Db6VsS-zutvcx36pkBxYPFkNEJUjnYS6LZ5hdr9JhvdzayTIsA9ulFLk7uo6ijfDA-H-V6p4STP9m1-ftypul&sig=Cg0ArKJSzDcGmQxwdxHjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=334&vt=11&dtpt=247&dett=3&cstd=85&cisv=r20230213.91753&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Feb 2023 13:14:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9775 0
0 83ms
83ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstN1VXkYbFuSwfV-SzhBhcD58Dmj-Qyes779hP49Qh_I9qToaEvS8xxMbj9V-hHvxLCy0Vmtyn_sKnmdztnE2O2bpGrvn1BBDmuCAgxu_ClBmGLsmZ_Eoaxd1x0vunw29Clsp-v2Nj6ykil5djeUmH4hzv7aUjQQAX5EAcxovxY7CElFjiuyLOOBFE-kFL42EL2qvWDNVs022rViD5urbrQ7HBJpDVgPKbL6lTCw4PAzUFmJV-XgBATFf4VmFJCJEZGoHXYkRm3JLcu9_djDvqm2Ob2payQR_-8kzY4rMSPVoHtue4Lm_beh5nMKjUQ_Z6x7W_EjYjIx5-4cCfPAJcmvD9XiPFPyTemHD8S2Dltnbp-03ptE-IaRdu7MoExbjutiDce-3GRSmvpCohA0NhkLInA99FhQYbdxELX5pLRZCDR8ebGqOsIV2DtTvRwJmwouqBtxLiBmy0tgwaJdRlRxs27c--EN4Mcn3vyR8X81ClJwXClKTs1MV8R9MnwwQvQ0eEboUW7i4hjdoaT9NnCzVo5UaM5o2_FrqqlgtXdqQxfEw6tPcMd0qbUhxQC5OeZZixIihcXaOlXiWljD6i_zv7uri5l-3d7yHBalNY0pN1lla2O4pSqzHk85aKB_oNIB2OoSzB-wzxvG3mlCQdV3Q21D89LfpS4PlADWPoEhdC67vVZzove2Zi4z1AAQmb6VVTB-8TBlJSUH7B0OMhRfAyUWgLvGxWiR9aqbv56ca0a7lcKkQO51p4JqUldyR9UlUQciGxB8pKXNsxzj4DEtu0SD1-nyEhUxe54CEhp5YcwnJZ7LYUzVpkFxfYSA8PN_jvFuN6n9eaMMpOcoqVvnNdKShU7Tlaw4F3nVKMAEVEbWi0T4DT14G6GFJ-mxrrbeCuT36ejdGGVw1dqO1fGAZalwYAYDAMSh6DpDYzz5BYwnKV5QWmrP_wbVT5wn-OP_ucpeRyXxgfK9Ex63ecLpv3bFM8J1zV5WaJ51dihQwpHh7MYpCFqXWSWlMQCnQijN6z0Yx6HZ5KoVQ87YB1PSRv7GPIOHDmizl60CyzEXrsP0TaBxwUh4DYSGe867u3UHGpMSgKU-yqnVkhSOffi45Wpf96CGNpDja6GP6w-gF81NFjs5Fz8HXw8NcVmpZVFtyoScSpPHnG4-JtSCnKGbVdi3A&sai=AMfl-YTLfrtDw-Zm3HPeJSCLRjRzdez7RZqb8sQ7tA7KWiRGcpR5ZCuhUr_RBRihkJagYsMRP6OF5eZ9A9-CwhwqUtSUlkVWgr8ItvxBj9GbBO0ZM1fTdM5Jm82WGfnn7gkIWrPbhU9Wngal212zFgXvyUOnU0sybdoUwFWMQQfwOegLhAXl3OfaLf11Ms5ukofw5wnwuTKsXmMc-Gog_Us8smPSSTuKWZTFHMoyuf06XaSDdwKiqBqfgFeMN2AsDv5WxvOF3SFWL5oJA_tkfP44YThqOqzT486Gu4Zv&sig=Cg0ArKJSzFTna908OKW4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=622&vt=11&dtpt=391&dett=3&cstd=228&cisv=r20230213.90677&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Feb 2023 13:14:13 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 015F 42 B
64 B 82ms
81ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsx2hVrZRWI4BAVySwX38I2qZw7RSNqKge_gi4bRYjuhxkXQZ1SaPdeCL0kwcljpkjDfek3D7PN7B2b6yiRdYVGHMBk7gC2ICBAextNhk-2cY3thV99MSKZo1pWwMrvvl1V2wesQ&sai=AMfl-YRTGqTuoeeJjSG4v5wp7Nst5NMfxaTY6RsVfsAX2rAdxcmK-WyyCM4RtzZxC5VSBHSH11qGrHalMzjFcaIuyTBsd55gp-dtGxklclPL1VwbUuav6_pdTVEXd04dDdsbbXRBD5aEMx2RoTro&sig=Cg0ArKJSzHOPRLlUz5GlEAE&cid=CAQSSwDUE5ymgoopdu_uaPsnFAx7PgSSvrGthFUqG_wiEQ8vKNBSouGULaxKC4KTe7vLmIt_uhKpQwb54XDPuLLIQYU3MJUUcH2Ydg76oBgB&id=ampim&o=315,104&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,0,1007,1007&tos=0,0,0,1007,0&tfs=344&tls=1351&g=100&h=100&tt=1351&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1BA 0
20 B 82ms
81ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTs1IpdrsY723BaSnx_AP2c694A0AAAAAOAHgBAI&bg=!ra6lrvrNAAYuhb89DoU7ADkAdvg8WhRUl0EfRHAxFUEYIMUqHQNFSFRa8O3FjjYQRsdfZzzH9wGCK_cYmmiPLkALB9pTZc-223ICAAAAblIAAAADaAEHCgAv6kz5oSXvblaXYTAQiSfkG5CRypR7YQQe104V1h-03PPqkVgdSf2Y_WbyFHqbOkiZA0rgAUnm5T74V5lxL9VRBEruvWOeCZ48AebTJtM7buq9aOJpSqkr7JXh2ItYIBysB0yo6gn9C9zmlHA1gk34p-DuKhowGQEnuMPi28e-Xpg4AkISN1GaBI-CCjx9zdp8Z6PP2cCHJECFILZTGj3CQgRO_X0-AELQDHf6cx-KWP7TT5tDSpQocHdbugxX65UOUI9mbbm7WFDj-3-pqOzqMWVMN8z1hdbQdpuWbx3yqR3TNb9qjsA6Juk5vp3rCUw8gPokOmdhEpQh_Kq1p4ZRrNhBdhn4OGFsn9b4otKsTG14cfKzQ7Y5tUDYbl_SSMj5E2cMEDykeSMIZeNZi8ntFUaBVycdE9QWsISKUjMDHzYMUKIBsHfvGbFG1A799zec1uaxXOfOfPDK1_eD06nyJZmGsM23az7KOdfMUJ7t93SvcjswRRYnYBK60HKke2IXnNLnqyYTct2plz1xZzvCHT0ef31NV5SIxyIF7yqhH1OoU6OrM1KJKKx9zHgyYud_9kUJ8yx0zpeMK7ubQ-It2fNt32BY8qBuZhDjuDSMd2z9VrKePlrdMfkFFH9mWmoTZnuLZgnb6C4nWi6SJTwp6t4uNXRFGOZlcYbATWihYIVs3R8qDNiK16DESmXzHIS_66oz9cY-GwHq3LRW-QZgSE_zCwjDPF1VWw8gv78Yeudnq94eUb4kKpwDM5snqu5EmxfkXkU5DU3uFvfnmdaWnXMtwHLz6KcMncM3zsqeCoMrr5dslQGFu8UwrLpo7xkEa-Uf51fCr_LOFo51tt3NTmj318y5acWFnX9tgOEfqbtNPZALOMdvtUVNjqjifn8izkTs2s4BY6VShZ_E8myUBaeYJgaTJ6_HV264W3GLKPvm2faZ-nd9ZhR-cbvkbtbvCByi9bxoFqqy6b6aKb1oRjiznNiftBa_a4fW7aaLktaT29vT4Ulq-6FMxY6WTUzKr9tQX3BbmJcc6hPQTi36uWbkG6nnvFpxU5XR4x7943NT79-5Rx-O-DTgqxsjZ8wLWraDnNs_E2gLKYhLmqBxBirwtF5wpsquhqfiOzNPNfueDbcpOV9cIWXOywNMwLumpp_g-2_E81CaIDQMDMrrQ3O_8i7GG8ACnKYkGQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9775 42 B
174 B 83ms
83ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstACfIYB5kIR6vRlb5H3vYrCLDO-hyTjAWXfOTs46aPWxhQuzXmvjY02E8ayH2MFWrlRlnMWxlqhfBz-AmL3-fRcLs1tK0UvtbeEw-5uzkej67kg-Iv3kE5K2kJn4FaeuZkaURsA&sai=AMfl-YQMbX68Cbufj-WkKkIni12GpFX1tLxK1BwJubMH2bY_2WN9OvbVmCDIPpxITqrrt7OX675DvsPoPc738RPcwoK2q6coyzlP6uvo7QIxf_G9ay4KfMlmnJQngcXw2nkvQXP8ImIM3uU1jS-ixA&sig=Cg0ArKJSzBDav6ILFyNfEAE&cid=CAQSTADUE5ymJT7BPyxjLkO3tdZLCWSIFwPb54kV_4YJ-bq5JnabbS_SdQ-t103lAdSxBfbGXCvHzQoGuGeXPZCvlAsp5jqQgkq2n6SBmygYAQ&id=lidar2&mcvt=1000&p=577,1303,617,1344&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=104307128&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676466852353&rpt=637&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame E10A 222 KB
60 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Feb 2023 20:58:04 GMT
age: 58570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Feb 2024 20:58:04 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame E10A 15 KB
5 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 18:09:23 GMT
age: 155091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Feb 2024 18:09:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame E10A 94 KB
28 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 06:48:01 GMT
age: 23173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 06:48:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame E10A 5 KB
2 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 18:09:23 GMT
age: 155091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Feb 2024 18:09:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame E10A 40 KB
13 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 19:18:01 GMT
age: 150973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Feb 2024 19:18:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E10A 8 KB
1 KB 186ms
70ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 13:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 11:32:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 13:14:14 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E10A 3 KB
3 KB 49ms
48ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:11:59 GMT
x-content-type-options: nosniff
server: cafe
age: 135
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
expires: Thu, 16 Feb 2023 13:11:59 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E10A 295 B
319 B 49ms
48ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:28:34 GMT
x-content-type-options: nosniff
server: cafe
age: 9940
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 16 Feb 2023 10:28:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E10A 0
0 90ms
90ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkDYYpdrsY5q3Ee3Y7_UP9422uAWrhPT8a6DTkaOhEc6Focr2ARABIJ_O9n1gleKQgqAHoAGjnMzwAsgBAakCa5nSKhz-sT7gAgCoAwHIAwqqBPwBT9BgTxDa7KOgnqcuULPkWJqGrGqk4ox9HMi_f7VnWpvO59kOOWeVyaOUiwcX5Uv3ypc4N0oXTbSQjhM2WztlTbCM9rxRkNb29Uvx_dgVxjyJbMfl2Ls1xqmGJSQFn4inphi9BDUB_dm0r_pSVbYdN2o-yWpcExVF0RL-M2Ebeaht4nqGnq4OX7aYYXv-bVl7sJNXHyb73vjSuyV3UfnH1mGHRg4zzuznESUqqLaJW7zqwcB-ya3Zq7Ecq14Q86IINoJkae2EhO5KfpL_9fXzVxOs0--sg-FCLl79PWW09TldVlFtDghVujTL2TyFW5dTy2QUvcQyV37l02xawASS77HSogTgBAGSBQQIBBgBkgUECAUYBKAGZoAHxeOzjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDB9dAD0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwyIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTc1NzA2NDcyMzkxNzk5ORiZgXQ&sigh=jBQfOubz8cU&uach_m=[UACH]&cid=CAQSOwDUE5ymgiSHApvZQvFubJsvk8HMWxErjiE51iJQAZ7XlOBW33UExlEZM5oTynWcbd98K3UDMnp3Uf5rGAE
Requested by: Host: utua.com.br
URL: https://utua.com.br/co-cc-mastercard-joven-bancolombia-p1/?utm_source=clevertap&utm_medium=email&utm_campaign=co-utua-ct-email-cc&utm_content=co-utua-ct-email-cc-p2-aqui&utm_term=co-utua-ct-email-cc-p2-aqui-05
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je32d0&_p=351851535&cid=887983087.1676466851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=6&sid=1676466851&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&dt=%C2%A1Descubre%20la%20tarjeta%20de%20cr%C3%A9dito%20Joven%20Mastercard%20Bancolombia!%20-%20Utua&en=ad_impression&_c=1&ep.query_id=CNqdktrNl_0CFW3suwgd94YNVw&_et=1417
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E10A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9f5d85ce5ec454a2d7032fca0b2876e3d7ad3c2e6e0c8fbc74fd74c1a54021d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6893 42 B
64 B 83ms
82ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulBh_FJHuI5Kh8uVpeq_y0XLHzhMTFQwEhsYntaTj6pt55uQeJRcaFBbjk2P2yhxTUI7oMNYmzOhnU94y4N5fT_sNi3BGBU8M-Be2Ki6EeCBq4fK17rLF-WZM2jwxB5osw3PoapA&sai=AMfl-YTzNsQ_bf1oq8UJ4UuW3bs2rm0yT0nh_kVtO4nkxl4sBdlG73ckRyiaNue-KJ8yNLcYltWAVbrIsrWIc3W7bwss46rVso22LJnMPbgQS4tURsZNB0UlXOSTnXL2_hjIyhUwXPOKa-CXqzdF&sig=Cg0ArKJSzHXWG7qXLfNcEAE&cid=CAQSSwDUE5ymgP4TQ1FtY9vDrN-Oom2TCvUoXniIOST1rlirgpLdTTQ7ifBcXN78tHyL7SE855pUpcbyja8h2wze-7OumvZ-UJzm-2-SXhgB&id=lidar2&mcvt=1005&p=1062,475,1312,775&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=0.55&if=1&vu=1&app=0&itpl=20&adk=454338126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676466852859&rpt=426&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E10A 28 KB
28 KB 921ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://utua.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:10:43 GMT
x-content-type-options: nosniff
age: 151412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 19:10:43 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6893 0
20 B 79ms
78ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6538653231369&version=m202301300101&ct=76&x=1&cor=6586202603114011000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utua.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 129 KB
34 KB 984ms
984ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048269896119811&correlator=1851313808516743&eid=31072119%2C31072498%2C31072427&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fifs&iu_parts=21862753527%2Cutua_desk_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=687659283&sfv=1-0-40&ists=1&fas=8&eri=1&cust_params=request_uri%3D%252Fco-cc-mastercard-joven-bancolombia-p1%252F%26utm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05%26placement%3Ddirect%26hour%3D13%26dayshifts%3Dmorning&sc=1&cookie=ID%3D491b3302e9054bf3%3AT%3D1676466851%3AS%3DALNI_Maj4WU5jggHVTrrzvi5MplfS1FPNA&gpic=UID%3D00000bb721de7579%3AT%3D1676466851%3ART%3D1676466851%3AS%3DALNI_MZgNl549zx7RhVqAjCI3JzZtpMkMA&abxe=1&dt=1676466854525&lmt=1676466824&dlt=1676466850939&idt=549&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=887983087.1676466851&ga_sid=1676466852&ga_hid=351851535&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e0c1c172cc5c2b470f3e69dd529490e01c2dc36835ef0db0e77fbbdd150dd5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35157
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2023021501.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023021501.js?cb=31072498

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb9a7b6f947b03e6b85ae89751c94270cd911c8721fd9efafa666ffcb66c441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 09:35:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Feb 2024 11:45:28 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9775 0
20 B 80ms
79ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1440277597100&version=m202301230201&ct=76&x=1&cor=16125874539133600000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 76B0 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utua.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:14:12 GMT
expires: Thu, 15 Feb 2024 13:14:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 21ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y1WZWFMSQF&gtm=45je32d0&_p=351851535&cid=887983087.1676466851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=7&sid=1676466851&sct=1&seg=0&dl=https%3A%2F%2Futua.com.br%2Fco-cc-mastercard-joven-bancolombia-p1%2F%3Futm_source%3Dclevertap%26utm_medium%3Demail%26utm_campaign%3Dco-utua-ct-email-cc%26utm_content%3Dco-utua-ct-email-cc-p2-aqui%26utm_term%3Dco-utua-ct-email-cc-p2-aqui-05&dt=%C2%A1Descubre%20la%20tarjeta%20de%20cr%C3%A9dito%20Joven%20Mastercard%20Bancolombia!%20-%20Utua&en=ad_impression&_c=1&ep.query_id=CJSj4drNl_0CFTrnuwgdC04Biw&_et=1270
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1WZWFMSQF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utua.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utua.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 76B0 4 KB
732 B 70ms
70ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 13:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 12:08:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 13:14:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1091 8 KB
968 B 70ms
70ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 13:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 13:13:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 13:14:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 1091 2 KB
765 B 47ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 1091 22 KB
9 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 1091 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 1091 20 KB
8 KB 50ms
49ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1091 156 KB
48 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 13:14:15 GMT

GET
H2 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 1091 34 KB
14 KB 180ms
48ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 May 2023 10:30:11 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame 76B0 19 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61cfe1e4bad8332eaf07240b9a18cd9c20f55c526e9c0b9ad9bf3255265c695d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 4522959314154213365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 06:09:07 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 76B0 205 B
518 B 187ms
59ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:31:48 GMT
x-content-type-options: nosniff
age: 6147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Feb 2024 11:31:48 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 76B0 604 B
694 B 187ms
60ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:41:47 GMT
x-content-type-options: nosniff
age: 5548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Feb 2024 11:41:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2717 1 KB
643 B 50ms
48ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
etag: 48472445140208031
expires: Thu, 16 Feb 2023 11:06:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2717
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKukP4qKXcu55L2o2VHHAwM&google_cver=1&google_push=Aa02lx_MtsLcOdFhIHWnbK04ZKPsYoGNOmUOougq0L4bgUE4SsXD6yTiTBgXTNF4tBkJrr0hYGVfsVxWLhxd6zPE...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_MtsLcOdFhIHWnbK04ZKPsYoGNOmUOougq0L4bgUE4SsXD6yTiTBgXTNF4tBkJrr0hYGVfsVxWLhxd6zPEqvrBGa1itJZ_

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_MtsLcOdFhIHWnbK04ZKPsYoGNOmUOougq0L4bgUE4SsXD6yTiTBgXTNF4tBkJrr0hYGVfsVxWLhxd6zPEqvrBGa1itJZ_

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 15 Feb 2023 13:14:15 GMT
Server: MT3 457 2362390 master zrh-pixel-x9 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_MtsLcOdFhIHWnbK04ZKPsYoGNOmUOougq0L4bgUE4SsXD6yTiTBgXTNF4tBkJrr0hYGVfsVxWLhxd6zPEqvrBGa1itJZ_
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 15 Feb 2023 13:14:14 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2717
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDyNA57-rwSoo4Ehh99xRyw&google_push=Aa02lx-1at_zLG9D-BI6AlNmgZhYimHJBUpOB7mYDGT9_NCuJdMqOA4ao5...

170 B
188 B

47ms
46ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDyNA57-rwSoo4Ehh99xRyw&google_push=Aa02lx-1at_zLG9D-BI6AlNmgZhYimHJBUpOB7mYDGT9_NCuJdMqOA4ao5Scx_rszW7tPwXG-DJIYh_OFrboJ1nVp8qjwBMkPC0b

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220053-HHN
pragma: no-cache
date: Wed, 15 Feb 2023 13:14:15 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1676466856.822524,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDyNA57-rwSoo4Ehh99xRyw&google_push=Aa02lx-1at_zLG9D-BI6AlNmgZhYimHJBUpOB7mYDGT9_NCuJdMqOA4ao5Scx_rszW7tPwXG-DJIYh_OFrboJ1nVp8qjwBMkPC0b
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2717
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEODdXmY08XZpMVX6oeQNH8k&google_cver=1&google_push=Aa02lx9pRp0l18W4DY7Unwv_nYkZmy1wllQV9NCMbSgGx8wZxFbMmqeezKjKAhMhRrJgiFIO03gj_zlK9d9YOp9nz-_6...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEODdXmY08XZpMVX6oeQNH8k&google_cver=1&google_push=Aa02lx9pRp0l18W4DY7Unwv_nYkZmy1wllQV9NCMbSgGx8wZxFbMmqeezKjKAhMhRrJgiFIO03gj_zlK9d9YOp...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a87a6e13-82bf-4ae1-9f5d-b586cf0b1a2e
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a87a6e13-82bf-4ae1-9f5d-b586cf0b1a2e
https://x.bidswitch.net/sync?dsp_id=4&user_id=53df69f2-0782-4cd6-acdd-dc9da51db38a&ssp=google&expires=30&user_group=5&bsw_param=a87a6e13-82bf-4ae1-9f5d-b586cf0b1a2e
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9pRp0l18W4DY7Unwv_nYkZmy1wllQV9NCMbSgGx8wZxFbMmqeezKjKAhMhRrJgiFIO03gj_zlK9d9YOp9nz-_6YrOcQcFR&google_hm=qHpuE4K_SuGfXbWGzwsaLg==

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9pRp0l18W4DY7Unwv_nYkZmy1wllQV9NCMbSgGx8wZxFbMmqeezKjKAhMhRrJgiFIO03gj_zlK9d9YOp9nz-_6YrOcQcFR&google_hm=qHpuE4K_SuGfXbWGzwsaLg==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9pRp0l18W4DY7Unwv_nYkZmy1wllQV9NCMbSgGx8wZxFbMmqeezKjKAhMhRrJgiFIO03gj_zlK9d9YOp9nz-_6YrOcQcFR&google_hm=qHpuE4K_SuGfXbWGzwsaLg==
date: Wed, 15 Feb 2023 13:14:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2717
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHERLAN0SQDPjN-aySb-EdA&google_cver=1&google_push=Aa02lx-JFvcrJRKIXBJpZn_eLY9op0bICEf9ctOwvVPGytKG1dG7frF3tbvicWAw_P8ORBtS-CH...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU1UDJXU0MtUy00NUFG&google_push=Aa02lx-JFvcrJRKIXBJpZn_eLY9op0bICEf9ctOwvVPGytKG1dG7frF3tbvicWAw_P8ORBtS-CHnEc39ieqjtNZ9Ev8chUMK1wc

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU1UDJXU0MtUy00NUFG&google_push=Aa02lx-JFvcrJRKIXBJpZn_eLY9op0bICEf9ctOwvVPGytKG1dG7frF3tbvicWAw_P8ORBtS-CHnEc39ieqjtNZ9Ev8chUMK1wc

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU1UDJXU0MtUy00NUFG&google_push=Aa02lx-JFvcrJRKIXBJpZn_eLY9op0bICEf9ctOwvVPGytKG1dG7frF3tbvicWAw_P8ORBtS-CHnEc39ieqjtNZ9Ev8chUMK1wc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2717
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO1kZwBjABUi2s5yp_A6mPw&google_cver=1&google_push=Aa02lx--IEwBYiOAldjq3NdnY17_vUVgBApfK6dd3_xYoDnbbAHUlgtc4C5CGHBYmHNT5aDN56c8XtzY1ngG...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx--IEwBYiOAldjq3NdnY17_vUVgBApfK6dd3_xYoDnbbAHUlgtc4C5CGHBYmHNT5aDN56c8XtzY1ngGIcoEr3c1371F8NeQ

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx--IEwBYiOAldjq3NdnY17_vUVgBApfK6dd3_xYoDnbbAHUlgtc4C5CGHBYmHNT5aDN56c8XtzY1ngGIcoEr3c1371F8NeQ

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx--IEwBYiOAldjq3NdnY17_vUVgBApfK6dd3_xYoDnbbAHUlgtc4C5CGHBYmHNT5aDN56c8XtzY1ngGIcoEr3c1371F8NeQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2717
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEC4UDRci5y6n-DZgwC_pfCg&google_cver=1&google_push=Aa02lx-6BBJdnusfK02FQJCC6ODAAkCL-OKIuhlMTEnVAwclAFkkbmj_yuqmrLwxOB2Sl81eYIpiaObloR0pLFgy4uBj9t...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEC4UDRci5y6n-DZgwC_pfCg&google_cver=1&google_push=Aa02lx-6BBJdnusfK02FQJCC6ODAAkCL-OKIuhlMTEnVAwclAFkkbmj_yuqmrLwxOB2Sl81eYIpiaObloR0pLFgy...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mbXam9rJTJKTF4KC6GhhKw&google_push=Aa02lx-6BBJdnusfK02FQJCC6ODAAkCL-OKIuhlMTEnVAwclAFkkbmj_yuqmrLwxOB2Sl81eYIpiaObloR0pLFg...

170 B
188 B

48ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mbXam9rJTJKTF4KC6GhhKw&google_push=Aa02lx-6BBJdnusfK02FQJCC6ODAAkCL-OKIuhlMTEnVAwclAFkkbmj_yuqmrLwxOB2Sl81eYIpiaObloR0pLFgy4uBj9tow2c8j

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mbXam9rJTJKTF4KC6GhhKw&google_push=Aa02lx-6BBJdnusfK02FQJCC6ODAAkCL-OKIuhlMTEnVAwclAFkkbmj_yuqmrLwxOB2Sl81eYIpiaObloR0pLFgy4uBj9tow2c8j
access-control-allow-origin: *
date: Wed, 15 Feb 2023 13:14:16 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2717
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEt_Bm_nhJCRTwwgUao1WaU&google_cver=1&google_push=Aa02lx8LdOCvQ_cNPYwjSUVh9PJru8WbTwWxFGTxsaX1G83eVLTU7tNcHRr32Nt0LCDXwJ0eZsdZxPD6CCgz9zhe6c6JeLKqcQ
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8LdOCvQ_cNPYwjSUVh9PJru8WbTwWxFGTxsaX1G83eVLTU7tNcHRr32Nt0LCDXwJ0eZsdZxPD6CCgz9zhe6c6JeLKqcQ&...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjQ2MDI4MTA1Mjg1ODA0ODIyOTM0&google_push=Aa02lx8LdOCvQ_cNPYwjSUVh9PJru8WbTwWxFGTxsaX1G83eVLTU7tNcHRr32Nt0...

170 B
188 B

47ms
46ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjQ2MDI4MTA1Mjg1ODA0ODIyOTM0&google_push=Aa02lx8LdOCvQ_cNPYwjSUVh9PJru8WbTwWxFGTxsaX1G83eVLTU7tNcHRr32Nt0LCDXwJ0eZsdZxPD6CCgz9zhe6c6JeLKqcQ

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:14:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjQ2MDI4MTA1Mjg1ODA0ODIyOTM0&google_push=Aa02lx8LdOCvQ_cNPYwjSUVh9PJru8WbTwWxFGTxsaX1G83eVLTU7tNcHRr32Nt0LCDXwJ0eZsdZxPD6CCgz9zhe6c6JeLKqcQ
date: Wed, 15 Feb 2023 13:14:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2717 0
12 B 48ms
45ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INTW7JgSKF7Lh9pykE0gS41jR0sTqqul2PvgCr8Jkt0fycJI5Ptscrll1HGy3Ywwpos_Ek

Requested by

Host: ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
URL: https://ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:14:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.utua.com.br/	1970-01-20 11:50:42	Name: _gcl_au Value: 1.1.346129039.1676466851
.utua.com.br/	1970-01-20 19:17:06	Name: _ga Value: GA1.3.887983087.1676466851
.utua.com.br/	1970-01-20 09:42:33	Name: _gid Value: GA1.3.2067386667.1676466852
.utua.com.br/	1970-01-20 09:41:06	Name: _dc_gtm_UA-146231564-5 Value: 1
.doubleclick.net/	1970-01-20 19:02:42	Name: IDE Value: AHWqTUmAfasnUi5iI7-maO5ryADAa1dppZx6QxC1EKxpDCrgG2qQjfR3-bWEilIbOmk
.doubleclick.net/	1970-01-20 09:41:10	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 11:50:42	Name: uuid2 Value: 4712285410924458581
.casalemedia.com/	1970-01-20 18:26:42	Name: CMID Value: Y.zapJ8BCN.Y6t0NJFJ45gAA
.casalemedia.com/	1970-01-20 11:50:42	Name: CMPS Value: 5267
.casalemedia.com/	1970-01-20 11:50:42	Name: CMPRO Value: 5267
.adnxs.com/	1970-01-20 11:50:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?_j`)_i!]tbPl1M>e)ZlrFUfJ+tGXxp$HU*-[[K_x:[M`nO[GdNJ@/0^i[8.VzW-1.P3If)y3KL9D3I?+[t.q=J
.utua.com.br/	1970-01-20 19:02:42	Name: __gads Value: ID=491b3302e9054bf3:T=1676466851:S=ALNI_Maj4WU5jggHVTrrzvi5MplfS1FPNA
.utua.com.br/	1970-01-20 19:02:42	Name: __gpi Value: UID=00000bb721de7579:T=1676466851:RT=1676466851:S=ALNI_MZgNl549zx7RhVqAjCI3JzZtpMkMA
.vtracy.de/	1970-01-20 11:50:39	Name: tr_id Value: vi-c6da895d-2711-4c50-980d-ece9328775c3
.vtracy.de/	1970-01-20 11:50:39	Name: tr_dt Value: 2023-02-15+14%3A14%3A13
.utua.com.br/	1970-01-20 19:17:06	Name: _ga_Y1WZWFMSQF Value: GS1.1.1676466851.1.0.1676466855.56.0.0
.3lift.com/	1970-01-20 11:50:42	Name: tluid Value: 646028105285804822934
.mathtag.com/	1970-01-20 19:07:02	Name: uuid Value: 3ac563ec-daa8-4c00-ad4a-351d9732bd65
.mathtag.com/	1970-01-20 10:24:18	Name: mt_mop Value: 4:1676466856
.everesttech.net/	1970-01-20 18:26:42	Name: everest_g_v2 Value: g_surferid~Y_zapwAAAJt3EAA_
.bidswitch.net/	1970-01-20 18:26:42	Name: tuuid Value: a87a6e13-82bf-4ae1-9f5d-b586cf0b1a2e
.bidswitch.net/	1970-01-20 18:26:42	Name: c Value: 1676466856
.bidswitch.net/	1970-01-20 18:26:42	Name: tuuid_lu Value: 1676466856
.360yield.com/	1970-01-20 11:50:42	Name: tuuid Value: 99b5da9b-dac9-4c92-9317-8282e868612b
.360yield.com/	1970-01-20 11:50:42	Name: tuuid_lu Value: 1676466856
.creative-serving.com/	1970-01-20 19:02:42	Name: tuuid Value: 53df69f2-0782-4cd6-acdd-dc9da51db38a
.creative-serving.com/	1970-01-20 19:02:42	Name: c Value: 1676466856
.creative-serving.com/	1970-01-20 19:02:42	Name: tuuid_lu Value: 1676466856

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.creative-serving.com
adservice.google.com
adservice.google.de
assets.utua.com.br
bucket.utua.com.br
cdn.ampproject.org
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eb2.3lift.com
ed2401fb3292eeb479907412247abb69.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
match.360yield.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
red.vtracy.de
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
u27351811.ct.sendgrid.net
us-u.openx.net
utua.com.br
wizrocketmail.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.111.217.42
142.250.186.66
142.251.39.66
143.204.89.128
151.101.130.49
167.89.115.121
185.29.132.245
185.80.39.216
185.89.211.12
2001:4860:4802:32::36
2606:4700:10::6816:229
2606:4700::6810:3865
2a00:1450:4001:802::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2006
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
2a00:1450:400d:802::2001
2a00:1450:400d:803::2002
2a00:1450:400d:803::2003
2a00:1450:400d:804::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
3.123.211.203
3.64.174.171
34.254.25.134
35.157.225.50
35.244.159.8
51.38.120.206
69.173.144.138
76.223.111.18
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
02381425ccf04f467636fb239213b8782ad85a9037f99e30578da2b3916360fb
083c62be96044cfd0fae3888aca6fd4e87686e1334e99de7703545dbc9461ad1
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
0b02150d934fc557f832043f51ca8ce16b53180ea14135bbd35feb7486660b8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e496c8df709faf2c11072ebc4df3106b369d3d914b065d5e806745193950527
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
0ed95f5118b1582b90e655bad2af954904677d9e630a2dade8ef4b1a2d548307
0f1970784ecd196f4be187a329efd6c9cc1cd091d0b9cdc0d7876333aebb8a85
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
10b2de7cfeaab0303b0200b249e3c3ecd2439980a8ea6066b0e21a7bb3f80e7c
12534d0ea8394e763ec801b7dffd99cd0ebadaeb497fa885df6487b51ac13dc9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14ea53201f2569bb352a4bfa01fb0a82fb1db9dd9828ae77d7221e40e5b5bb20
1589c6d110ab30331aaf6a3c94b5602739be81bd6a8139be9430acfae4142098
15d2516caa21a7bdf93021f398b4699ece1f914f723cf2df9dd9dd1ec1064068
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e0c1c172cc5c2b470f3e69dd529490e01c2dc36835ef0db0e77fbbdd150dd5a
21383a108fc0f4840b90610def8622f8af1fde2c2833693d61a1f91c075d25d1
215488150cadb3aa687419bf4aef7c1004637b020cef6aa7209646b8df51b067
234342f99e9b426acf9b05f6b37f76ddff422d604137b981f39ea5cd8fcd8970
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3292cacc4fc243813ee2bbaebde4c96c247527bac6fd7f04920b8703787cf664
33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc
3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac
3eb9a7b6f947b03e6b85ae89751c94270cd911c8721fd9efafa666ffcb66c441
459aab616bac008bdd5abfe7cbad337fabefb3ed69ecc9596c85606a4719ee55
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47518781bb73a7246909e3143eeee3afc237421fc0f960edd1a7ad6c850fc1d3
49cbd009a40e971c1c6a4d40b5ec17c8d214721dade6e60f4e0c3d36298ca958
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a91763606a49a7826e7b43cbcc8133b731ba3ee1988e2cc248d64bfaf5c553c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514e33a20146956debf71b86d3e3184da175e2d15085e3d5512400b3f6abe99f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59153e64bb0b45161c933334f58e73a8d454da8c5b7119c4ea257a874bce0c1b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af
5eecd4075b543495f68b7308d206da82c524e67f8baa81de2e13ebd3290a3a1f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cfe1e4bad8332eaf07240b9a18cd9c20f55c526e9c0b9ad9bf3255265c695d
63a1874391cb6b2987261693f38fa464265244115052ae393f367ca02ce4bf78
63fc3a6fb44b8f8d7229ac657afd57cb387f63f02766072e2b6f5033394b31a3
68774240b2f054bbb31d04eca34912f9ff2f39768f04263ce16eb7762acffe04
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
691171b5764dfbadde30c21093afb347c83532080d764d8b1396a133f6828a00
714b746c7741b2cb5ba8c41418a9a4911865469acf199e87ec9084bb66dfc572
73b9c61568b437763c1552c67d4516ed7014a4c5277af7bc6f104a1009a62e5f
79c587843db970f8b6e9916bd7761294209481e5d65ed8e6b8c5477ade836fbe
7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
90b67db2a8630309bc19588c41bbba046c59031aae1be685f5675ac297b621ee
93dc3442b92767645ff6ef3c33d2abc7b03da3823d9e73737b0ad1c91623af2a
96c09b565e295ff3b37289f8194acb5d3cdbc41b7737b0f5c4ecf2288c29a75b
97ee1ee60b05506f81c50fa17e768fdd653bae5750328129be0a71e40e7b8c37
9a9445ab24b50fc0945fd327d2f78da39c09571d8a103c4eb946e655b4a33e73
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da3696f109e5729da0c6c20124ec49f9e8ed7dc39f6744ff81c1230c4a189e0
9dadc92fbcde9b79ef86599c84790048999abf468f5f674da8ef7ff8df48478c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3c9b2b18240b181a21ba0eaa3d3770c1432444d1c0332904eea5a871daa7138
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
af0635efaaa86b7f2e4f4d99de4befba4b9df2e518793de7c4d63e2a0aa96ee0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4
b5b068397e59b9229c364046f32004307172f6ba641a020fea3446444a4f485e
b91b4516e392e23588bc6a88dd18226b85cc120ecf2a177912c23eba152d3c8a
c087ecc475b5dc2cb0326013518b30c2829dc7a1f079a6aa687d93bebf11dbde
c138b956d5a563813d9da1839c93ac6cb2eb37e84230f2d2b96565e072607b73
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3e9bee6fbe437578b60de04b86f837e700691fa22c351b1d008a95285a832d3
c5e2864515b9dba355fe89ae860fae8902726d3423e0d06fe19364c117caa299
c9f5d85ce5ec454a2d7032fca0b2876e3d7ad3c2e6e0c8fbc74fd74c1a54021d
cc5e6ce36092dc91497bdd85a34c15fff12dd510315abbd312feabfd195ab317
cc8d4f0307cb7b2d1ddd75494c0feaedb06225b7fb2d3b9e87740a4fcce80e43
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507
d748e170b4b5ec22221854e17093181a0eab963f555f1eb970082694525eae63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc
ebd60eb21d467fd8be75e1ec6fbd0cd7bfb154c612fbaaf3808346b4bbacfade
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
f88785eebc9362c93560c789e5960f8b5e501c0a4ac0f7cd817c8234c00f286a

utua.com.br Open in urlscan Pro 2606:4700:10::6816:229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

92 %HTTPS

55 %IPv6

28 Domains

40 Subdomains

29 IPs

6 Countries

1675 kBTransfer

4254 kBSize

28 Cookies

0 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

utua.com.br Open in urlscan Pro
2606:4700:10::6816:229 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

92 %
HTTPS

55 %
IPv6

28
Domains

40
Subdomains

29
IPs

6
Countries

1675 kB
Transfer

4254 kB
Size

28
Cookies

173 HTTP transactions
4 data transactions