jornalutil.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newsletter.jornalutil.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZqb3JuYWx1dGlsLmNvbSUyRjIwMjIlMkYwMSUyRjI3JTJGZW...
Effective URL:
https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac...
Submission: On November 10 via manual (November 10th 2023, 12:27:17 pm UTC) from BR — Scanned from DE

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 11 domains to perform 55 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is jornalutil.com.
TLS certificate: Issued by E1 on September 25th 2023. Valid for: 3 months.

This is the only time jornalutil.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:cd1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:264... 2600:9000:2646:ea00:d:6881:ac40:21	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:494a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	54.77.238.227 54.77.238.227	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:2600:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:2251:5600:9:fddd:fc40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	3.230.247.119 3.230.247.119	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
55	17

1 2606:4700::6811:cd1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newsletter.jornalutil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

jornalutil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:ea00:d:6881:ac40:21 (United States)

ASN16509 (AMAZON-02, US)

d2pn47juqu41ip.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:494a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hash.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tlm.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.238.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-238-227.eu-west-1.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f0c71264195f3b4496e23cf60d9d339f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:2600:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:5600:9:fddd:fc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.247.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-247-119.compute-1.amazonaws.com

rdr.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	jornalutil.com 1 redirects newsletter.jornalutil.com jornalutil.com	1 MB
8	googlesyndication.com f0c71264195f3b4496e23cf60d9d339f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	42 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	180 KB
5	atpnd.com cdn.atpnd.com — Cisco Umbrella Rank: 506394 trk.atpnd.com — Cisco Umbrella Rank: 509264 hash.atpnd.com — Cisco Umbrella Rank: 608977 tlm.atpnd.com — Cisco Umbrella Rank: 618309 rdr.atpnd.com	14 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 11864 api.rudderlabs.com — Cisco Umbrella Rank: 6544	31 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4223 onesignal.com — Cisco Umbrella Rank: 1433	73 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	263 KB
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 46689	31 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cloudfront.net d2pn47juqu41ip.cloudfront.net	2 KB
55	11

	Domain	Requested by
18	jornalutil.com	jornalutil.com
7	securepubads.g.doubleclick.net	jornalutil.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagmanager.com	jornalutil.com www.googletagmanager.com www.google-analytics.com
2	api.rudderlabs.com	cdn.rudderlabs.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.onesignal.com	www.googletagmanager.com cdn.onesignal.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tag.escalated.io	cdn.atpnd.com tag.escalated.io
1	www.google.com	tpc.googlesyndication.com
1	rdr.atpnd.com	cdn.rudderlabs.com
1	tlm.atpnd.com	cdn.atpnd.com
1	cdn.rudderlabs.com	cdn.atpnd.com
1	onesignal.com	cdn.onesignal.com
1	hash.atpnd.com	cdn.atpnd.com
1	f0c71264195f3b4496e23cf60d9d339f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	trk.atpnd.com	cdn.atpnd.com
1	cdn.atpnd.com	jornalutil.com
1	d2pn47juqu41ip.cloudfront.net	jornalutil.com
1	newsletter.jornalutil.com	1 redirects
55	21

This site contains no links.

Subject Issuer	Validity	Valid
jornalutil.com E1	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
atpnd.com GTS CA 1P5	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.escalated.io Amazon RSA 2048 M01	`2023-04-10` - `2024-05-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-06-14` - `2024-07-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
rdr.atpnd.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
Frame ID: CA532DECCF72AC704B6E25CCEB186F7A
Requests: 50 HTTP requests in this frame

Frame: https://f0c71264195f3b4496e23cf60d9d339f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9683E2236038E242D89404F7BC96A979
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 337E1C41FEAD5BAAF984B8DD8AC9C630
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F762BF7592347C9C8A4C396EB0C18BC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Pessoal - Empréstimo Bom pra Crédito - Jornal Útil

Page URL History Show full URLs

https://newsletter.jornalutil.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZqb3JuYWx1dGlsLmNvbSUyRjIwMj... HTTP 302
https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=e... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

55
Requests

100 %
HTTPS

88 %
IPv6

11
Domains

21
Subdomains

17
IPs

3
Countries

1936 kB
Transfer

3347 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newsletter.jornalutil.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZqb3JuYWx1dGlsLmNvbSUyRjIwMjIlMkYwMSUyRjI3JTJGZW1wcmVzdGltby1ib20tcHJhLWNyZWRpdG8lMkYlM0Z1dG1fc291cmMlM0RhY3RpdmVjYW1wYWlnbiUyNnV0bV9tZWRpdW0lM0RlbWFpbCUyNnV0bV9jYW1wYWlnbiUzRGFjLWVtcC1icGMtYzEtMSUyNnV0bV90ZXJtJTNEZW1wcmVzdGltby1ib20tcHJhLWNyZWRpdG8=&sig=7PBjnC4WCsFiD59ke138WJmr8YPHq3WEmRib4GbeWEcr&iat=1699542845&a=%7C%7C650812675%7C%7C&account=imedias%2Eactivehosted%2Ecom&email=FEogOXU3cpVF1WJLvdLSxryAd5RU6p9%2B973%2FxwndqWiMRUG0iRSzBg%3D%3D%3A5FUhMGRzSP%2BQ6pVcdqzmhnRWakT348fI&s=955a4972db92ffafd70195bebb717502&i=766A756A2A3017 HTTP 302
https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/
Redirect Chain

https://newsletter.jornalutil.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZqb3JuYWx1dGlsLmNvbSUyRjIwMjIlMkYwMSUyRjI3JTJGZW1wcmVzdGltby1ib20tcHJhLWNyZWRpdG8lMkYlM0Z1dG1fc291cmMlM0RhY3RpdmVjY...
https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito

43 KB
11 KB

280ms
217ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

198129ac5499e9e075929978c53e028bf1dab37598b2c2b8082bbe6813dbe928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 823e49b64c0f380e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 12:27:09 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://jornalutil.com/wp-json/>; rel="https://api.w.org/", <https://jornalutil.com/wp-json/wp/v2/posts/12302>; rel="alternate"; type="application/json", <https://jornalutil.com/?p=12302>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BZG2UEc4MrsWQi1YMrjoxwzYpLMh%2FK1IkL7rDhw0amISJVK6fOyfqZAKEfFypWRkMBA%2FbcRf6m9uzhd1ehlGYZKHUKY3br%2FgFJ9pQFYju96yi1TEJgbEUfB2j1QMGh7yifJ5pm3vVnISZFE7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://jornalutil.com/xmlrpc.php
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 823e49b478584db6-FRA
content-length: 0
content-type: application/octet-stream
date: Fri, 10 Nov 2023 12:27:09 GMT
location: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 price.js Show response
d2pn47juqu41ip.cloudfront.net/jornalutil/ 33 KB
2 KB 506ms
429ms Script
text/javascript 2600:9000:2646:ea00:d:6881:ac40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2pn47juqu41ip.cloudfront.net/jornalutil/price.js
Requested by: Host: jornalutil.com
URL: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ea00:d:6881:ac40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 169fb836b04c0a7c5c9659d226ba4464ee086cda256a05107df5ecc04e621a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:10 GMT
content-encoding: br
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
last-modified: Fri, 10 Nov 2023 10:01:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
etag: W/"16d68dbb775e7195e69776797685cc90"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: max-age=14400
x-amz-cf-id: iZy2wcyHHs8HK1M4iAMAEl8sRQ9Q6cm2LuHnUEYl5T86oXk_CvzyDA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 277ms
146ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jornalutil.com
URL: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

378cd73399e7340956e462b01874e7fcfbc916d9f15b572a40d3b81df0c3c0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31178
x-xss-protection: 0
server: cafe
etag: 576 / 19671 / m202311020101 / config-hash: 2511228162032463359
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 12:27:09 GMT

GET
H2 200 jornalutil.js Show response
cdn.atpnd.com/scripts/ 45 KB
12 KB 205ms
153ms Script
text/javascript 2606:4700:20::ac43:494a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.atpnd.com/scripts/jornalutil.js
Requested by: Host: jornalutil.com
URL: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ae8683733ff9c0d71535657912a8e88dba9b3304686ea42c2ccdfc090cdea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Nov 2023 08:54:51 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=57202
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSBuwuZU9vRKrT4mKJ%2Bh2HTNbku%2BSd8zg6BLCOJM7z8%2BcO1r8yOhhYVe%2Ba%2F1havf%2BKECK8KPeQ4S0UQhhJqlQ%2BXB%2FVuvMfcoe6IKg0yVu%2By5OgtPUau%2FobMnLdg3Xqu7OXG0MJKv3PfVxtw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=14400
cf-ray: 823e49b80b6e65c9-FRA
link: <https://cdn.atpnd.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 styles.css
jornalutil.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 59ms
57ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jornalutil.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Oct 2023 11:53:04 GMT
server: cloudflare
etag: W/"6523e9a0-b2b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8uM2AY0rinY29buDY7wBWiFJvWtbLuoWuKaK%2FepKgwSK6g2fsmru%2FHaJH1z%2BGKvwxsteSNoBbsjoPgZNKgIVgTkwd9vIhcJclLM4AF8ZkI%2FWJT%2FIFSdBKQNmCALLA07bL8hXA38ejBrCW7w7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 823e49b7be39380e-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H2 200 style.css
jornalutil.com/wp-content/themes/tema-clean/ 15 KB
4 KB 24ms
22ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jornalutil.com/wp-content/themes/tema-clean/style.css?ver=6.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63e68af1e908d0aa14d14ed32adca06d49320506984200c8e414ad9eef4f8a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49288
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Sep 2023 17:03:04 GMT
server: cloudflare
etag: W/"64f60dc8-3d2c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW%2FH%2FLvCIFnmTEMv%2B4x%2FqPt9SHYzxpjHRtARrZhquKwBb7MqCAxdZpjbTlWSbhrhNsSESymE2495aEAmeJyNzZ5AAmnkqgDAZywg9gXVNF23mvalH5GxBbTP8tRODICG8gn8HKQ5%2BgcwlWQj%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 823e49b7be3a380e-FRA
expires: Sat, 09 Dec 2023 22:45:41 GMT

GET
H2 200 style.css
jornalutil.com/wp-content/themes/child-clean-ju/ 243 B
474 B 25ms
24ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jornalutil.com/wp-content/themes/child-clean-ju/style.css?ver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd48c15d3d0becd75e2863740fbf2108f4740d5b38f9a58f4284172d40d46a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49288
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Sep 2023 17:03:59 GMT
server: cloudflare
etag: W/"64f60dff-f3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoRJ%2FMcPMnHhzI8HzODIO2JLqXbegVlcLpKUOVeH6EbQjndQ5TmhY8PH7evFrSc5FryVh5TxlXDbbISezc0XjEUkejGWsEPeF4EbBvxOkh9sW0uNMPMNbX4pAgxLA8Td1gJu%2F8gznt6bHd1LfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 823e49b7be3c380e-FRA
expires: Sat, 09 Dec 2023 22:45:41 GMT

GET
H2 200 JORNAL-UTIL-ULTIMO.png
jornalutil.com/wp-content/uploads/2020/04/ 6 KB
6 KB 55ms
54ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/uploads/2020/04/JORNAL-UTIL-ULTIMO.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae4ec78215699b445ca50282dcdc9f9cf780c42648cba08ef92c8617941219e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5838
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Apr 2020 20:40:36 GMT
server: cloudflare
etag: "5e98c2c4-16ce"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sajoxXlynArTG6g9Q4AnMAePUW%2B6JU48RiZ4cYPo2QiDO25l%2Fao%2FFv4vXeSZF%2B5wWe2ETqe9q1dfSvbi6gH7BLEUvxSLUJMwwUBM7%2BAEoMxvtqFXOkdHJqrqYqaRAqhFt8WJInrBV1dxcK%2Fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b7be3f380e-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H2 200 Emprestimo-Bom-Pra-Credito-Pessoal-min.png
jornalutil.com/wp-content/uploads/2020/12/ 2 KB
2 KB 60ms
59ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/uploads/2020/12/Emprestimo-Bom-Pra-Credito-Pessoal-min.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3024a4b14d385dae272acf9dc42529b6cb03923d676c883cde416343dada9a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1708
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Dec 2020 19:53:41 GMT
server: cloudflare
etag: "5fcd36c5-6ac"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxZiDOiBKK2iH0MfO%2FxkiSofOAuIEYjcUGvJfwiNifYYQpvNkHNCDrvbx0z1t96AyI0PapnObzt7yx%2BNCWMP9qupqSKbDKGwZCJ7%2BBb4TeIAOutCGrRw9JIwrYZo%2F9S38FXbe7%2FFKz74DK4K%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b7be42380e-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H2 200 emprestimo-online-urgente-com-score-baixo-capa.webp
jornalutil.com/wp-content/uploads/2022/07/ 9 KB
9 KB 58ms
58ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/uploads/2022/07/emprestimo-online-urgente-com-score-baixo-capa.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

278f530bfcf7161d690ec88dfe6a288d5a7140e778c76ebb150073459293f59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9022
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Jul 2022 20:15:00 GMT
server: cloudflare
etag: "62c5ed44-233e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0pEMkrLsjo45fh1GAu22LrZDVU26ZL1a0N0S9Js7ljRM0bvySX5mlBZwo8q1Sn%2FtRFeMhKB3hIYX5cVH%2FKjhlPGlAPseEvgVTh%2FG2CVh9NkUN5qbsnODrgg8SqHvmAw6%2BFnoLJ80%2BCW5nDgfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b7be44380e-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H2 200 Design-sem-nome.png
jornalutil.com/wp-content/uploads/2023/08/ 629 KB
630 KB 69ms
67ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/uploads/2023/08/Design-sem-nome.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd4231e6f79f0ceff1b99ce13c8aa1c500199c966f43909f79388b4f3e7747bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 644416
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Aug 2023 20:51:46 GMT
server: cloudflare
etag: "64d2aae2-9d540"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj5oYNtOGckIlENbAjVYB6GKiPbXjFT2Hg8wGoDEau8edQjJJbDx5BjI9JWmjVVdkqNmXbJTSz2cPV6Vf0JrsNZI9WovTykmZFX5729cc78echN29vu2RKP0qkG58Kg7IOW%2BouNuoZ%2B5HfrtuA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b7be46380e-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H2 200 flame.webp
jornalutil.com/wp-content/themes/tema-clean/assets/ 14 KB
15 KB 93ms
93ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/themes/tema-clean/assets/flame.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cbc7e5e8e79f6e8309524260018ffda214c359001c0c15ee38c8ecbde876b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14672
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Sep 2023 17:03:04 GMT
server: cloudflare
etag: "64f60dc8-3950"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTGexDjSb6NIS%2FddBo%2Fr9E5kKgQVxDDmNC7Z3Fwu6aMMNKODe5ZAZUZpag%2BqQBwopmrUsCexk14pD0XMxge%2Bgu0PTx7BO7pcdnj07WtxKIZjgBZVifvtV%2FfweaGYq%2BK7qcU6EXSil9J3cxlr2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b7ce5c380e-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H2 200 faceicon.webp
jornalutil.com/wp-content/themes/tema-clean/assets/ 12 KB
12 KB 70ms
70ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/themes/tema-clean/assets/faceicon.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56d2ee0f68b4af1dee4bf85debc576d11b48797ad9ba4047c675ca11d51c9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12126
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Sep 2023 17:03:04 GMT
server: cloudflare
etag: "64f60dc8-2f5e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ql67DFyzBIDDT5%2FSMXDueQWGBN6e4HQm96s6n%2B0WzA7LjCOVl6a8sBxYq%2FSbtx0h4Ra66u6A7AKbpK5R1GsdrWW6lFfE2%2FdKMQn9PZc2QBvboqo4UCbhBSrze3mXuZSR5BtriGSzUQoAiBn%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b7ce5f380e-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H2 200 instaico.webp
jornalutil.com/wp-content/themes/tema-clean/assets/ 3 KB
3 KB 69ms
68ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/themes/tema-clean/assets/instaico.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59a150126fab7d31ab3a38570401fbd9910c8e7ad790554e8abdfb7c2bc8fee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2660
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Sep 2023 17:03:04 GMT
server: cloudflare
etag: "64f60dc8-a64"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7P4vk1c5S2%2FlkbKw%2BD1fD4Z4GAppa%2BcinHKplUJ8eEDviOR5g%2Fe9%2FqVmCOT7z9B%2BGrpiuCRimXViZn1wKUzbkV2Kf78VbaTQTDC878B0QK2tRwwTo5Tu2PM%2F0KrwLXmbCqhOdmuyT4LVJm4HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b7ce60380e-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H2 200 email-decode.min.js Show response
jornalutil.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 18ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jornalutil.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654bb442-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bXqppRW36QcbqDZylIlEWBemzNIlzVbRa97LWO%2B4YSk7aSHtSVqAGcFKBY14TXHKfYq%2B4FWo3fWAmCUR43C9n3mqRP2oyUXNSTvJkM7KEybS0DABOZiYBn7PncQrtK2VP1T%2FQF1stUuXTjf0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 823e49b7be48380e-FRA
expires: Sun, 12 Nov 2023 12:27:09 GMT

GET
H2 200 index.js Show response
jornalutil.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 43ms
42ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jornalutil.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49288
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Oct 2023 11:53:04 GMT
server: cloudflare
etag: W/"6523e9a0-2a12"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hj3Mv3xAcpU8D4g7REKMbE1ZUCjAcbIleDY9VKRRMfhNyzzihhbejDQAFuitKanee4ZLIebdBqNJcTOiQO5RE95RJE3s3kM4ZqMVINb5XhbOWZEAgZ%2BRW22ZDtm20N8Db%2FDWVKvI2MN2JATBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 823e49b7be49380e-FRA
expires: Sat, 09 Dec 2023 22:45:41 GMT

GET
H2 200 index.js Show response
jornalutil.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 24ms
23ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jornalutil.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49288
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Oct 2023 11:53:04 GMT
server: cloudflare
etag: W/"6523e9a0-328f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPICaIc7uQKSbcCrJgEHDtOYiuOveutwl0KIhtFKTnVk17hlSmPW401vXG9kZCh07kPgu2F5xDX4NhFZyFydiT09qa%2FXTR3cr8qFVWLF%2BwIYb%2BnSjPK4HQvsHvgHL3Ihqno0iEhOtfYaoa0K9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 823e49b7be4a380e-FRA
expires: Sat, 09 Dec 2023 22:45:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
89 KB 226ms
101ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7DQDXV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b8391ef722c449719a669232ac80aa65e005d82a7e1dce0987c5e28205de4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90613
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 12:27:09 GMT

GET
H3 200 Microcredito-Banrisul-Vantagens-e-solicitacao-1024x576-1-570x285.png
jornalutil.com/wp-content/uploads/2023/11/ 142 KB
143 KB 68ms
66ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/uploads/2023/11/Microcredito-Banrisul-Vantagens-e-solicitacao-1024x576-1-570x285.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997878f7ca4196afd35aea9f5eb9353f16842a41edff82668bf5d2f66fbd77b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 145852
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:19:45 GMT
server: cloudflare
etag: "64ff2201-239bc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQytOQY0RxEHHSoGTdZKgYqKccX4kzhjqLmHSDUALIyZg57%2BOo30LqSgfmL5e17scKvuE1xOORwRuZkawUAxu7k%2Fvz96R84yfpQpK%2FD6i11vyKtP8ATDiKUF4h2ruxmMiGfjXslQH8xsZOL3hw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b86854923d-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H3 200 Microcredito-do-Banrisul-Quem-pode-obter-1024x576-1-570x285.png
jornalutil.com/wp-content/uploads/2023/11/ 171 KB
171 KB 61ms
59ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/uploads/2023/11/Microcredito-do-Banrisul-Quem-pode-obter-1024x576-1-570x285.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3d8c27199c3cf56c51275e898e07d4f32af86268258814b2cc4a3c82e332ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 174604
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:18:26 GMT
server: cloudflare
etag: "64ff21b2-2aa0c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8CSUynT2aoGo%2FW4YxPMc0D8k7grdX%2BInOAtXCeeQT9IDBuUVNhr95idUWWWdqGjlTrK90iXGV7jNjcuLaWJjEGO55%2BM3MO4oc1%2FdwYYOaqW55exS1uyz2MUwm5ZrB87ieXFLs6%2Bv6vyjDwwWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b86858923d-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H3 200 Financiamento-Webmotors-Todas-as-informacoes-1024x576-1-570x285.png
jornalutil.com/wp-content/uploads/2023/11/ 111 KB
111 KB 92ms
90ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/uploads/2023/11/Financiamento-Webmotors-Todas-as-informacoes-1024x576-1-570x285.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d47be278b267b4f111dd41d2fc5a03937bb1b7c28b04feda9337a44a1c158f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 113325
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 12:30:21 GMT
server: cloudflare
etag: "64ff085d-1baad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JzBlPszyhPFQy6jZTw4sZcNHTTT5tRwqknhAto97q3Aij2yW0OTQRkE0Iq1Vv8VlFuGaYXWDkbHvltnRkWi1kCo55zK30Yf1HqccLR3AFQlnFwlC4QbYuoIWsgdiUDrGslMOSXBaAObR%2Bh87g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b8685a923d-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H3 200 Financiamento-de-veiculo-Webmotors-Quem-pode-obter-1024x576-1-570x285.png
jornalutil.com/wp-content/uploads/2023/11/ 147 KB
148 KB 96ms
95ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jornalutil.com/wp-content/uploads/2023/11/Financiamento-de-veiculo-Webmotors-Quem-pode-obter-1024x576-1-570x285.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a175d05c18a590a40a068ac5bd882a55b85fe977e109c7ba762dd5fa3a2622e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/2022/01/27/emprestimo-bom-pra-credito/?utm_sourc=activecampaign&utm_medium=email&utm_campaign=ac-emp-bpc-c1-1&utm_term=emprestimo-bom-pra-credito
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 150780
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 12:28:19 GMT
server: cloudflare
etag: "64ff07e3-24cfc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r58mED0rW3%2BBKk40XNK0%2Fx8%2FnGHSP0wNTkXvu5d9iaXdKbMgZ2zH5ePYCEsbfmmlzZ8EQx4A5IrRzqyeHYJlu%2Fylkod7smG1mRNzORLAux4UUdBXPX%2FeBU%2Fby4HiekcBuE5Rgl30FqvTRuopEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823e49b8685b923d-FRA
expires: Sun, 10 Dec 2023 12:27:09 GMT

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 72 KB
31 KB 1155ms
63ms Script
application/javascript 54.77.238.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.escalated.io/?i=ZVisSlSVgsQR&callback=avUpdateIsSafe
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/jornalutil.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.77.238.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-238-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5be1b370c7bbd106b2ce45c855c570c80b493896aa5cf8958fb8392f3b0fc151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 12:27:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Sep 2023 15:12:11 GMT
Server: nginx
ETag: W/"6501d14b-1207a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 / Show response
trk.atpnd.com/ 183 B
563 B 1112ms
20ms Fetch
application/json 2606:4700:20::ac43:494a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.atpnd.com/
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/jornalutil.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe46bdffd29853e6818388b7d00c2963c9e67bf482ab01420e28767b4f0b164

Request headers

accept: application/json
Referer: https://jornalutil.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:10 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hldOw8AIH00N7HTZzWjZ%2FkLda%2BLDVi6KQqL%2BkPg10ZLp4QXUgEhbWGGuD1yVlmzoqi8ZubU1b9CbhJw5k5aQZ%2B5pWRo7ch3Xpuizq%2FCG%2FjYR5QeqZ%2Fgp9I15gepbGoHRvP6Iv%2BoGYPzWBrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 823e49c00fa9bbfd-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 426 KB
134 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37925
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136626
x-xss-protection: 0
server: cafe
etag: 12374074705736737879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 09 Nov 2024 01:55:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NMWHLWNSB5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7DQDXV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bed7a1b84186f8842652ccd0d0ea7524e2893f6074722bf10003e0dd71dd74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 12:27:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 891ms
28ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7DQDXV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Nov 2023 11:48:51 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2299
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 10 Nov 2023 13:48:51 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 896ms
34ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7DQDXV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2277
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 823e49c00fc81992-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Nov 2023 12:27:10 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 34ms
33ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2277
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 823e49c0481e1992-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Nov 2023 12:27:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 39ms
38ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1227340388&t=pageview&_s=1&dl=https%3A%2F%2Fjornalutil.com%2F2022%2F01%2F27%2Femprestimo-bom-pra-credito%2F%3Futm_sourc%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_term%3Demprestimo-bom-pra-credito&ul=en-us&de=UTF-8&dt=Empr%C3%A9stimo%20Pessoal%20-%20Empr%C3%A9stimo%20Bom%20pra%20Cr%C3%A9dito%20-%20Jornal%20%C3%9Atil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=775570293&gjid=462190073&cid=575525004.1699619231&tid=UA-216940833-1&_gid=1497988018.1699619231&_r=1&_slc=1&gtm=45He3b81n81W7DQDXVv832831714&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=149201253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

374284f9ebf8b975fd0bed1062485e2047f9383b70c65c6476a00193e22f6e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jornalutil.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 12:27:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jornalutil.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 103ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NMWHLWNSB5&gtm=45je3b81v876428824z8832831714&_p=1699619229469&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=575525004.1699619231&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699619230&sct=1&seg=0&dl=https%3A%2F%2Fjornalutil.com%2F2022%2F01%2F27%2Femprestimo-bom-pra-credito%2F%3Futm_sourc%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_term%3Demprestimo-bom-pra-credito&dt=Empr%C3%A9stimo%20Pessoal%20-%20Empr%C3%A9stimo%20Bom%20pra%20Cr%C3%A9dito%20-%20Jornal%20%C3%9Atil&en=page_view&_fv=1&_ss=1&tfd=2051
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NMWHLWNSB5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 12:27:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jornalutil.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
893 B 278ms
277ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2125249473627946&correlator=4156709147576282&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22665190428%2Cju_desktop_top%2Cju_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C300x250%7C336x280%2C1x1&fluid=height%2C0&ifi=1&sfv=1-0-40&ists=1&fas=0%2C8&sc=1&cookie_enabled=1&abxe=1&dt=1699619230921&lmt=1699619230&adxs=650%2C-9&adys=357%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjornalutil.com%2F2022%2F01%2F27%2Femprestimo-bom-pra-credito%2F%3Futm_sourc%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_term%3Demprestimo-bom-pra-credito&vis=1&psz=640x355%7C0x-1&msz=640x320%7C0x-1&fws=4%2C2&ohw=1600%2C0&ga_vid=575525004.1699619231&ga_sid=1699619231&ga_hid=1227340388&ga_fc=true&dlt=1699619229387&idt=1469&prev_scp=price_rule%3D50.00%26marketplace%3Dadexchange%7Cprice_rule%3D100.00%26marketplace%3Dadexchange&cust_params=experiment%3Dcontrol%26utm_source%3Dnull%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_content%3Dnull%26utm_term%3Demprestimo-bom-pra-credito%26request_uri%3D%252F2022%252F01%252F27%252Femprestimo-bom-pra-credito%252F%26land_uri%3D%252F2022%252F01%252F27%252Femprestimo-bom-pra-credito%252F%26utm_campaign_medium%3Dac-emp-bpc-c1-1_email%26utm_campaign_term%3Dac-emp-bpc-c1-1_emprestimo-bom-pra-credi%26utm_source_req_uri%3Dnull_%252F2022%252F01%252F27%252Femprestimo-bom-pra-cred%26utm_source_land_uri%3Dnull_%252F2022%252F01%252F27%252Femprestimo-bom-pra-cred%26price_rule_hash%3D15eee65f1c530eb1995a98044f009586%252C1ce01d51234c49666edbaed200112e7a&adks=1461929001%2C3563632294&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

514db22cf885b7c6b30af40d433c0fb7b07ddca062b33dd1da85b1cd2e18738e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 862
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jornalutil.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f0c71264195f3b4496e23cf60d9d339f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9683 6 KB
3 KB 204ms
59ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0c71264195f3b4496e23cf60d9d339f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jornalutil.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 12:27:11 GMT
expires: Sat, 09 Nov 2024 12:27:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 39 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1100
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13760
x-xss-protection: 0
server: cafe
etag: 8051071232551270508
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 09 Nov 2024 12:08:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-83X60J1DTQ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cde1b694208089fff265422d4ce4012e072a1362ecb1b39af21d756937e1f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 12:27:10 GMT

GET
H2 200 / Show response
hash.atpnd.com/4a9d43ecde61efee54c1e00b43079090/ 31 B
329 B 90ms
66ms Fetch
application/json 2606:4700:20::ac43:494a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hash.atpnd.com/4a9d43ecde61efee54c1e00b43079090/
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/jornalutil.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 201eda224f05d06860f7773cb903863ed8b54e401348f92b9f95678986749fd1

Request headers

accept: application/json
Referer: https://jornalutil.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maejPijlAzrvP23sD%2B4yb5qS3OxuKoOWpQ6E7cqo1JuEGt75gd%2FXYT6hUmXfbtJa8pzymop067Iw9wHOnd9niJHv73Zh2y5uR%2Bo3lDmo%2B31iIBNvwtt4Nt4vqPV0IB9YIlFuhMPQvYVtTAkl"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 823e49c1ba42bbfd-FRA
content-length: 31

GET
H2 200 web Show response
onesignal.com/api/v1/sync/47a8aff8-2a74-4790-b8b2-1669c3025eb4/ 4 KB
2 KB 102ms
82ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/47a8aff8-2a74-4790-b8b2-1669c3025eb4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d8c60f948971d86a3a05fe192a4941b8a8ae03d9ac89247ca9396417df61a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6ac2985c-ce85-4b89-b213-c244b81f7b6d
x-runtime: 0.040864
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7d8c60f948971d86a3a05fe192a4941b"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 823e49c1da6a1992-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 10 Nov 2023 13:27:11 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 43 B
457 B 558ms
493ms Fetch
application/json 54.77.238.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=ZVisSlSVgsQR&callback=avUpdateIsSafe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.77.238.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-238-227.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3002c83583c99fd61b7bb4323d1a7d79804f0cf8c2d1d5736ece524859b9c89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 10 Nov 2023 12:27:11 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Access-Control-Allow-Headers: X-Forwarded-For, X-Requested-With, Content-Type
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v2/ 93 KB
30 KB 287ms
152ms Script
application/javascript 2600:9000:214f:2600:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/jornalutil.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2600:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5156291c4336da3cfa4a386363b1c996710c87f6ce3862dfcfc57d65c933a1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:12 GMT
content-encoding: gzip
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified: Mon, 12 Oct 2020 11:33:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"ed6e3461f4dc53994e36eabe89a16202"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BA7bBcjnO8EGMZCVCjS3Q0OUsHFNXy5eGtge1E6jZbV6Zn4Ai_YtfQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 43ms
42ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-83X60J1DTQ&gtm=45je3b81v9123805024&_p=1699619229469&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=575525004.1699619231&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fjornalutil.com%2F2022%2F01%2F27%2Femprestimo-bom-pra-credito%2F%3Futm_sourc%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_term%3Demprestimo-bom-pra-credito&dt=Empr%C3%A9stimo%20Pessoal%20-%20Empr%C3%A9stimo%20Bom%20pra%20Cr%C3%A9dito%20-%20Jornal%20%C3%9Atil&sid=1699619231&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2429
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83X60J1DTQ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 12:27:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jornalutil.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
520 B 252ms
252ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2125249473627946&correlator=4156709147576282&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22665190428%2Cju_desktop_top_rebid%2Cju_interstitial_rebid&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C300x250%7C336x280%2C1x1&fluid=height%2C0&ifi=3&sfv=1-0-40&ists=1&fas=0%2C8&sc=1&cookie=ID%3D8cf242e5206a9561%3AT%3D1699619230%3ART%3D1699619230%3AS%3DALNI_MZH37BO7MpmZw6nRBHg5fqBnDbUow&gpic=UID%3D00000cbf788033ed%3AT%3D1699619230%3ART%3D1699619230%3AS%3DALNI_MZOY1FSUuc54HJpkGX6y3rfX4dZCg&abxe=1&dt=1699619231313&lmt=1699619231&adxs=650%2C-9&adys=357%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjornalutil.com%2F2022%2F01%2F27%2Femprestimo-bom-pra-credito%2F%3Futm_sourc%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_term%3Demprestimo-bom-pra-credito&vis=1&psz=640x355%7C0x-1&msz=640x320%7C0x-1&fws=4%2C2&ohw=1600%2C0&ga_vid=575525004.1699619231&ga_sid=1699619231&ga_hid=1227340388&ga_fc=true&dlt=1699619229387&idt=1469&prev_scp=price_rule%3D0.05%26marketplace%3Dadexchange%7Cprice_rule%3D0.05%26marketplace%3Dadexchange&cust_params=experiment%3Dcontrol%26utm_source%3Dnull%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_content%3Dnull%26utm_term%3Demprestimo-bom-pra-credito%26request_uri%3D%252F2022%252F01%252F27%252Femprestimo-bom-pra-credito%252F%26land_uri%3D%252F2022%252F01%252F27%252Femprestimo-bom-pra-credito%252F%26utm_campaign_medium%3Dac-emp-bpc-c1-1_email%26utm_campaign_term%3Dac-emp-bpc-c1-1_emprestimo-bom-pra-credi%26utm_source_req_uri%3Dnull_%252F2022%252F01%252F27%252Femprestimo-bom-pra-cred%26utm_source_land_uri%3Dnull_%252F2022%252F01%252F27%252Femprestimo-bom-pra-cred%26price_rule_hash%3D15eee65f1c530eb1995a98044f009586%252C1ce01d51234c49666edbaed200112e7a&adks=4097156380%2C848228704&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22aca76ed2fe83031fe20c7d0a3f38d07788ed6d613238b62bd13a759f0a9dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jornalutil.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
api.rudderlabs.com/sourceConfig/ 1 KB
1 KB 108ms
107ms XHR
application/json 2600:9000:2251:5600:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderlabs.com/sourceConfig/?p=web&v=1.1.5

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:5600:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c1f3d6b13263b546ea2e21960fec43f6228cb69fdb0ef81889d0551f173e77a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jornalutil.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic MXFsSlhGTWVZVW1UeXVjWDZLVVZRVkVqQkJNOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 793ef230-7fc4-11ee-a716-bd57a82a00ba
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: 4tB3ZLKMfh0lkxGjwCdgrgUaqspZlC0nOMYfhk42eAFfR-tXQI7wpw==

OPTIONS
H2 204 /
api.rudderlabs.com/sourceConfig/ Frame 0
0 419ms
133ms Preflight 2600:9000:2251:5600:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderlabs.com/sourceConfig/?p=web&v=1.1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5600:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://jornalutil.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Nov 2023 12:27:11 GMT
vary: Origin
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id: 9yDLsuqvAYg93SvfEuil2skqAcaHpiDGRJS9so8XGOGyMWJIA5_ANg==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-request-id: 792e9e80-7fc4-11ee-92d5-811685bf7485

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 485ms
311ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb9695e61e31e71f6dfe71848599cd0fc9d6c3397d43c0283f689b0adc0c9ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12217
x-xss-protection: 0

GET
H2 200 / Show response
tlm.atpnd.com/ 22 B
305 B 66ms
37ms Fetch
application/json 2606:4700:20::ac43:494a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tlm.atpnd.com/?pagePath=%2F2022%2F01%2F27%2Femprestimo-bom-pra-credito%2F&eventName=av_interaction&type=impression&subject=page&label=&risk_score=77
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/jornalutil.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33edb3d69fb5d4e9419dc4b1b8d43fd4563e1ede06620ab9e960e5992d3b0548

Request headers

accept: application/json
Referer: https://jornalutil.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOOlAN2JsXI2er%2FPEXgP%2BTRNIpkCn%2FGKG3VXF1BseKTTnsnUcg3abOv6EUwZxg6%2Fzdb%2FQM5PNoGAxs4U3Ito2g0KxqoacqFWyuLs3r%2FBwxcO1bFAymmKrshQEU6VcqbD1Lo%2F2ffhFA%2Fptj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 823e49c6088ebbfd-FRA
content-length: 22

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 389 B
168 B 200ms
199ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2125249473627946&correlator=4156709147576282&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22665190428%2Cju_desktop_content_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280&fluid=height&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D8cf242e5206a9561%3AT%3D1699619230%3ART%3D1699619230%3AS%3DALNI_MZH37BO7MpmZw6nRBHg5fqBnDbUow&gpic=UID%3D00000cbf788033ed%3AT%3D1699619230%3ART%3D1699619230%3AS%3DALNI_MZOY1FSUuc54HJpkGX6y3rfX4dZCg&abxe=1&dt=1699619231887&lmt=1699619231&adxs=650&adys=1184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjornalutil.com%2F2022%2F01%2F27%2Femprestimo-bom-pra-credito%2F%3Futm_sourc%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_term%3Demprestimo-bom-pra-credito&vis=1&psz=640x355&msz=640x320&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnNgQXD2LsLOpIXncGt8u-DXRmYnoDfBZiuwU2eS60V&ga_vid=575525004.1699619231&ga_sid=1699619231&ga_hid=1227340388&ga_fc=true&dlt=1699619229387&idt=1469&prev_scp=price_rule%3D0.05%26marketplace%3Dadexchange&cust_params=experiment%3Dcontrol%26utm_source%3Dnull%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_content%3Dnull%26utm_term%3Demprestimo-bom-pra-credito%26request_uri%3D%252F2022%252F01%252F27%252Femprestimo-bom-pra-credito%252F%26land_uri%3D%252F2022%252F01%252F27%252Femprestimo-bom-pra-credito%252F%26utm_campaign_medium%3Dac-emp-bpc-c1-1_email%26utm_campaign_term%3Dac-emp-bpc-c1-1_emprestimo-bom-pra-credi%26utm_source_req_uri%3Dnull_%252F2022%252F01%252F27%252Femprestimo-bom-pra-cred%26utm_source_land_uri%3Dnull_%252F2022%252F01%252F27%252Femprestimo-bom-pra-cred%26price_rule_hash%3D15eee65f1c530eb1995a98044f009586%252C1ce01d51234c49666edbaed200112e7a&adks=2699082069&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20188d77967366ea5e5b6b79c14e15b57ee9bf566c7a09141f7acde9f4304677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jornalutil.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 256ms
127ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 12:27:12 GMT

POST
H2 200 batch
rdr.atpnd.com/beacon/v1/ 2 B
199 B 397ms
120ms Ping
text/plain 3.230.247.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rdr.atpnd.com/beacon/v1/batch?writeKey=1qlJXFMeYUmTyucX6KUVQVEjBBM

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.230.247.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-247-119.compute-1.amazonaws.com

Software

nginx/1.25.1 /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jornalutil.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 12:27:12 GMT
strict-transport-security: max-age=31536000
server: nginx/1.25.1
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://jornalutil.com
access-control-allow-credentials: true
content-length: 2

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 395 B
174 B 466ms
465ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2125249473627946&correlator=4156709147576282&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22665190428%2Cju_desktop_content_1_rebid&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280&fluid=height&ifi=6&sfv=1-0-40&sc=1&cookie=ID%3D8cf242e5206a9561%3AT%3D1699619230%3ART%3D1699619230%3AS%3DALNI_MZH37BO7MpmZw6nRBHg5fqBnDbUow&gpic=UID%3D00000cbf788033ed%3AT%3D1699619230%3ART%3D1699619230%3AS%3DALNI_MZOY1FSUuc54HJpkGX6y3rfX4dZCg&abxe=1&dt=1699619232109&lmt=1699619232&adxs=650&adys=1184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjornalutil.com%2F2022%2F01%2F27%2Femprestimo-bom-pra-credito%2F%3Futm_sourc%3Dactivecampaign%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_term%3Demprestimo-bom-pra-credito&vis=1&psz=640x355&msz=640x320&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnNgQXD2LsLOpIXncGt8u-DXRmYnoDfBZiuwU2eS60V&ga_vid=575525004.1699619231&ga_sid=1699619231&ga_hid=1227340388&ga_fc=true&dlt=1699619229387&idt=1469&prev_scp=price_rule%3D0.05%26marketplace%3Dadexchange&cust_params=experiment%3Dcontrol%26utm_source%3Dnull%26utm_medium%3Demail%26utm_campaign%3Dac-emp-bpc-c1-1%26utm_content%3Dnull%26utm_term%3Demprestimo-bom-pra-credito%26request_uri%3D%252F2022%252F01%252F27%252Femprestimo-bom-pra-credito%252F%26land_uri%3D%252F2022%252F01%252F27%252Femprestimo-bom-pra-credito%252F%26utm_campaign_medium%3Dac-emp-bpc-c1-1_email%26utm_campaign_term%3Dac-emp-bpc-c1-1_emprestimo-bom-pra-credi%26utm_source_req_uri%3Dnull_%252F2022%252F01%252F27%252Femprestimo-bom-pra-cred%26utm_source_land_uri%3Dnull_%252F2022%252F01%252F27%252Femprestimo-bom-pra-cred%26price_rule_hash%3D15eee65f1c530eb1995a98044f009586%252C1ce01d51234c49666edbaed200112e7a&adks=3859713216&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b27f514d92ba1879add80db43012ef364a56f1b56ba97f24dee12b83af0fc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jornalutil.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 337E 13 KB
5 KB 68ms
59ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jornalutil.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 11:47:08 GMT
expires: Sat, 09 Nov 2024 11:47:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F76 829 B
1 KB 193ms
65ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0e5f6cd2711fbd950f9b4e50c14c8e2d6d617596241d7adcd19d03671d8d1a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rmnVISojXb-XNVSA56aRRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jornalutil.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rmnVISojXb-XNVSA56aRRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 12:27:12 GMT
expires: Fri, 10 Nov 2023 12:27:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 337E 39 KB
15 KB 156ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 12:08:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F76 0
0 85ms
85ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=2125249473627946&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 337E 0
10 B 54ms
54ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EYMZ7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:27:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
93ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=2125249473627946&bg=!HR6lHlHNAAZxrfrxUa07ADQBe5WfOJXdvSjvhggl6s-e3CfKMMxZEb5Dp1kLjTyvEn2HUk57ej5r23Bt706HGovG0wv6AgAAAOFSAAAAEWgBBwoAm2WHTdChch6TonVvhjtwwn4zgwrvRxgZNngqGtM0TYAnvvxtDo7TJ9hm-hLLBYNiaF6irGwBfKN5io2nZ011ONl0ih3p1NDhYKCb7kXHhxCpkbZol4_gvw3G-bovAE2O210ynkbclWZNxt1GPeRlz3JxSFQwvZUTZxByy_2rU8SxtURWAttUv1S1zQaoee8j3uYVRSQ7F169ATotmQK5DCJDJtX3KGcPT4WJUGfsIbHOWXybZ8ev_KyTdL5vL-tktouycfxAQVAfyETaKdTI9F6xTiIe_79cfofdHHJfspqhMJl4nmbvpWs4rGhFrAEUIGcdZK5e0WIm6sYNDq68-D_ZE0IpKPD0UKdiZpCVxI71B-hPFU5xR63uvC6aFkoa_4VLOmDpqtnoE144HKaFxpozYRYEjRM4OcaNv_mCE-gz7QCCyhtLqu5zQjhtglGFIg5vAV4w6_R_ZtSZD8pgDzC444PhJizJBq-fqfnJG3ni4OqHd7RsCTOfWWIjJ8ZT_ZR05ByVPlxGdjs4OV5PtJDn0h2FMN6jW3swN9IbpArcuLH7URX0uQdJ6G4Y8XrmzhJm4hYyRpG2K6XAGoRoK3kzWqNxyR3-AzywlD84Eoxoo25nKsjb8DYXSHw52UL1iyVaDDVrxZ8ygEWeo9TLy22dGPTS8vQQmdT87zSpoEOWc6roj2zVk_vqDrVW4AyXAPgqctk-dtprwqkF-vhAIOhsTvmbqp42mhitgHudP6FJ-r-e4a2hNEk2gWWZ7b-Befe1Ly-B8ZhsZ8zqQf_rETqHiyj6n8G-d3QM2DPRry33yZGEgARsSZcbCRgyCa9FL0aRD_2OhvrBA8S3qgjnoRoRP_lEQRANjDq_Ta85m-8NLyxU5FLDODDHNRc1ULAkcs0rkBGSuxVrq624o5UGj8j0QKaxwpCohG8x8kGKo3ZS02I2d_eH9TS6JpGdfQ3FhD2lhF6-emHHKeWetTbxkx2OVop2yHw-02Gzy70aoJW3fU1dj84UkQ6W5CrFWiJiKPbfUfZIvWXkY3D2XyJ2DrnC6zePqO3h9uUnzse9EkkpI5O7KpFjInttHVmVdQNDdw89jJvqfc8s-cZM9WWQuOykg7NTbAySJp1KkQ3gd77BtA7kpuXnOg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jornalutil.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 16:07:01	Name: __cf_bm Value: gnSWOekyr_lEd76kSwkH3Sf5Ns40Pm2lt2KflapLMGE-1699619230-0-AaW5r6okcW3jRAnwv/x73+SDSTVdrIzepqsYSt25/57+bkidhFQrCD1Cugt8iY/gDIYxTHBqAwp7kGQAadUQkvc=
.jornalutil.com/	1970-01-20 16:08:25	Name: _gid Value: GA1.2.1497988018.1699619231
.jornalutil.com/	1970-01-20 16:06:59	Name: _gat_UA-216940833-1 Value: 1
.jornalutil.com/	1970-01-21 01:42:59	Name: _ga_NMWHLWNSB5 Value: GS1.1.1699619230.1.0.1699619230.0.0.0
.jornalutil.com/	1970-01-21 01:42:59	Name: _ga Value: GA1.1.575525004.1699619231
jornalutil.com/	1969-12-31 23:59:59	Name: __emjor Value: um%3Demail%7Cuc%3Dac-emp-bpc-c1-1%7Cut%3Demprestimo-bom-pra-credito%7C
.jornalutil.com/	1970-01-21 01:42:59	Name: _ga_83X60J1DTQ Value: GS1.2.1699619231.1.0.1699619231.0.0.0
.jornalutil.com/	1970-01-21 01:28:35	Name: __gads Value: ID=8cf242e5206a9561:T=1699619230:RT=1699619230:S=ALNI_MZH37BO7MpmZw6nRBHg5fqBnDbUow
.jornalutil.com/	1970-01-21 01:28:35	Name: __gpi Value: UID=00000cbf788033ed:T=1699619230:RT=1699619230:S=ALNI_MZOY1FSUuc54HJpkGX6y3rfX4dZCg
.jornalutil.com/	1970-01-21 00:52:35	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX18xWSYgmuuCDpaOmTkc2RhxnqJG3EKq0cM%3D
.jornalutil.com/	1970-01-21 00:52:35	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX19hjS0ykyIjM2tcnw%2BtYCvU2soU8fgejKYGTgl2wdx6ILuozZK35UszMKD7YQItuqnQh%2BGoXJQMBQ%3D%3D
.jornalutil.com/	1970-01-21 00:52:35	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX1%2BspoCLlMKUDiHZnGybqps9F%2B8v8EKQ3Lg%3D
.jornalutil.com/	1970-01-21 00:52:35	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX19aKkFUaYfYvGpulVE6iX2fl%2F66nZ9k9lU%3D
.jornalutil.com/	1970-01-21 00:52:35	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX186W5khmviHCYRAF5UAe%2F74YjSQfD4lUyQ%3D
.doubleclick.net/	1970-01-21 01:28:35	Name: IDE Value: AHWqTUllMJJ4B-v46jqCZgIoe5HOVYVwn_PN0nC1EDd2P1sSY0220woIe0MfMmULrDM

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rudderlabs.com
cdn.atpnd.com
cdn.onesignal.com
cdn.rudderlabs.com
d2pn47juqu41ip.cloudfront.net
f0c71264195f3b4496e23cf60d9d339f.safeframe.googlesyndication.com
hash.atpnd.com
jornalutil.com
newsletter.jornalutil.com
onesignal.com
pagead2.googlesyndication.com
rdr.atpnd.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tag.escalated.io
tlm.atpnd.com
tpc.googlesyndication.com
trk.atpnd.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2001:4860:4802:32::36
2001:4860:4802:38::178
2600:9000:214f:2600:16:a497:9700:93a1
2600:9000:2251:5600:9:fddd:fc40:93a1
2600:9000:2646:ea00:d:6881:ac40:21
2606:4700:20::ac43:494a
2606:4700::6811:cd1f
2606:4700::6812:d73b
2a00:1450:4001:801::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2001
2a06:98c1:3120::3
3.230.247.119
54.77.238.227
0b27f514d92ba1879add80db43012ef364a56f1b56ba97f24dee12b83af0fc3e
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
169fb836b04c0a7c5c9659d226ba4464ee086cda256a05107df5ecc04e621a41
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
198129ac5499e9e075929978c53e028bf1dab37598b2c2b8082bbe6813dbe928
20188d77967366ea5e5b6b79c14e15b57ee9bf566c7a09141f7acde9f4304677
201eda224f05d06860f7773cb903863ed8b54e401348f92b9f95678986749fd1
22aca76ed2fe83031fe20c7d0a3f38d07788ed6d613238b62bd13a759f0a9dcf
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
278f530bfcf7161d690ec88dfe6a288d5a7140e778c76ebb150073459293f59a
2b8391ef722c449719a669232ac80aa65e005d82a7e1dce0987c5e28205de4c8
3002c83583c99fd61b7bb4323d1a7d79804f0cf8c2d1d5736ece524859b9c89c
3024a4b14d385dae272acf9dc42529b6cb03923d676c883cde416343dada9a99
33edb3d69fb5d4e9419dc4b1b8d43fd4563e1ede06620ab9e960e5992d3b0548
374284f9ebf8b975fd0bed1062485e2047f9383b70c65c6476a00193e22f6e8d
378cd73399e7340956e462b01874e7fcfbc916d9f15b572a40d3b81df0c3c0a2
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
514db22cf885b7c6b30af40d433c0fb7b07ddca062b33dd1da85b1cd2e18738e
5156291c4336da3cfa4a386363b1c996710c87f6ce3862dfcfc57d65c933a1fc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59a150126fab7d31ab3a38570401fbd9910c8e7ad790554e8abdfb7c2bc8fee8
5be1b370c7bbd106b2ce45c855c570c80b493896aa5cf8958fb8392f3b0fc151
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e68af1e908d0aa14d14ed32adca06d49320506984200c8e414ad9eef4f8a56
68ae8683733ff9c0d71535657912a8e88dba9b3304686ea42c2ccdfc090cdea1
6d47be278b267b4f111dd41d2fc5a03937bb1b7c28b04feda9337a44a1c158f1
7ae4ec78215699b445ca50282dcdc9f9cf780c42648cba08ef92c8617941219e
7cbc7e5e8e79f6e8309524260018ffda214c359001c0c15ee38c8ecbde876b54
7d8c60f948971d86a3a05fe192a4941b8a8ae03d9ac89247ca9396417df61a05
821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9
997878f7ca4196afd35aea9f5eb9353f16842a41edff82668bf5d2f66fbd77b6
9bed7a1b84186f8842652ccd0d0ea7524e2893f6074722bf10003e0dd71dd74a
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a175d05c18a590a40a068ac5bd882a55b85fe977e109c7ba762dd5fa3a2622e0
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
b0e5f6cd2711fbd950f9b4e50c14c8e2d6d617596241d7adcd19d03671d8d1a8
b56d2ee0f68b4af1dee4bf85debc576d11b48797ad9ba4047c675ca11d51c9f6
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c1f3d6b13263b546ea2e21960fec43f6228cb69fdb0ef81889d0551f173e77a0
cbe46bdffd29853e6818388b7d00c2963c9e67bf482ab01420e28767b4f0b164
cde1b694208089fff265422d4ce4012e072a1362ecb1b39af21d756937e1f507
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d8c27199c3cf56c51275e898e07d4f32af86268258814b2cc4a3c82e332ac3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb9695e61e31e71f6dfe71848599cd0fc9d6c3397d43c0283f689b0adc0c9ee4
fd4231e6f79f0ceff1b99ce13c8aa1c500199c966f43909f79388b4f3e7747bc
fdd48c15d3d0becd75e2863740fbf2108f4740d5b38f9a58f4284172d40d46a3

jornalutil.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

88 %IPv6

11 Domains

21 Subdomains

17 IPs

3 Countries

1936 kBTransfer

3347 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jornalutil.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

88 %
IPv6

11
Domains

21
Subdomains

17
IPs

3
Countries

1936 kB
Transfer

3347 kB
Size

15
Cookies

55 HTTP transactions
2 data transactions